197 matches found
CVE-2025-22983
An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...
CVE-2025-22984
An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...
IceCMS 安全漏洞
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version v2.2.0, which originates from improper access control in component/api/squareComment/DelectSquareById. An attacker...
CVE-2025-22984
An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...
IceCMS 安全漏洞
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version v2.2.0, which originates from improper access control in component /square/getAllSquare/circle. An attacker...
PT-2025-4758 · Icecms · Icecms
Name of the Vulnerable Software and Affected Versions: iceCMS version 2.2.0 Description: An access control issue in the component "/api/squareComment/DelectSquareById" allows unauthenticated attackers to access sensitive information. Recommendations: For iceCMS version 2.2.0, consider disabling...
PT-2025-4757 · Icecms · Icecms
Name of the Vulnerable Software and Affected Versions: iceCMS version 2.2.0 Description: An access control issue in the component "/square/getAllSquare/circle" allows unauthenticated attackers to access sensitive information. Recommendations: For iceCMS version 2.2.0, consider restricting access ...
CVE-2025-22983
An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...
CVE-2025-22984
An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...
CVE-2025-22983
An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...
CVE-2025-22984
CVE-2025-22984 refers to an access-control vulnerability in iceCMS v2.2.0, where the endpoint /api/squareComment/DelectSquareById can be accessed by unauthenticated users to retrieve sensitive information. The publicly available descriptions consistently identify an improper access-control mechan...
CVE-2025-22983
CVE-2025-22983 affects iceCMS v2.2.0. Affected component: /square/getAllSquare/circle, where improper access control allows unauthenticated attackers to access sensitive information. Root cause is an access-control issue; impact is information disclosure. Exploitation details are not provided in ...
IceCMS File Upload Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A file upload vulnerability exists in IceCMS 3.4.7 and earlier versions, which stems from the lack of validation of uploaded files in the uploadFile method of FileUtils.java. An attacker can use...
CVE-2024-48202
icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...
CVE-2024-48202
icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...
CVE-2024-48202
icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...
IceCMS 安全漏洞
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A file upload vulnerability exists in IceCMS 3.4.7 and earlier versions, which stems from the lack of validation of uploaded files in the uploadFile method of FileUtils.java. An attacker can use...
CVE-2024-48202
icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...
CVE-2024-48202
IceCMS
PT-2024-33023 · Icecms · Icecms
Name of the Vulnerable Software and Affected Versions: icecms versions 3.4.7 and earlier Description: The issue is related to a File Upload vulnerability. It affects the uploadFile function in FileUtils.java. Recommendations: For versions 3.4.7 and earlier, update to a version later than 3.4.7 to...