406 matches found
iCMS Cross-Site Request Forgery Vulnerability (CNVD-2023-70069)
iCMS is a software application, an efficient and simple content management system built with PHP and MySQL. A cross-site request forgery vulnerability exists in iCMS version 7.0.16, which stems from the component dosave not adequately verifying that a request comes from a trusted user. The...
iCMS Code Issues Vulnerabilities
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A code issue vulnerability exists in iCMS versions prior to 2.16.1-git, which stems from a server-side request forgery SSRF vulnerability...
iCMS Cross-Site Scripting Vulnerability
iCMS is a software application. An efficient and clean content management system built with PHP and MySQL. A cross-site scripting vulnerability exists in versions prior to iCMS 2.16.1.-git, which stems from a stored cross-site scripting vulnerability...
CVE-2023-40953
icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...
CVE-2023-40953
icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...
Cross site request forgery (csrf)
icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...
CVE-2023-40953
Affected software: iCMS 7.0.16. Vulnerability: Cross-Site Request Forgery (CSRF). Root cause (per sources): do_save() does not adequately verify that a request originates from a trusted user. Impact (as described): an attacker could forge a malicious request and trick a logged-in user into perfor...
CVE-2023-40953
icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...
CVE-2023-40953
icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...
iCMS 跨站请求伪造漏洞
iCMS is a software application, an efficient and simple content management system built with PHP and MySQL. A cross-site request forgery vulnerability exists in iCMS version 7.0.16, which stems from the component dosave not adequately verifying that a request comes from a trusted user. The...
icms security breach
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in icms version 2.16.1-git, which is caused by an External Control of System or Configuration Setting vulnerability...
PT-2023-30294 · Instantsoft · Icms2
Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git. Description: The issue allows for external control of system or configuration settings. Recommendations: For versions prior to 2.16.1-git, update to version 2.16.1-git or later to resolve the...
iCMS 安全漏洞
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in iCMS versions prior to 2.16.1, which arises from a sensitive cookie in an HTTPS session that does not have a security attribute...
iCMS2 跨站脚本漏洞
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A cross-site scripting vulnerability exists in iCMS2 versions prior to 2.16.1-git, which is rooted in vulnerability to stored cross-site scripting XSS attacks...
iCMS2 代码问题漏洞
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A code issue vulnerability exists in iCMS2 versions prior to 2.16.1, which stems from vulnerability to server-side request forgery SSRF attacks...
iCMS 授权问题漏洞
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. An authorization issue vulnerability exists in iCMS versions prior to 2.16.1, which originates from an authentication cookie not being updated after a successful login...
iCMS 安全漏洞
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in iCMS versions prior to 2.16.1-git, which stems from an unauthenticated password change...
CVE-2023-39806
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function...
CVE-2023-39805
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php...
CVE-2023-39805
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php...