Lucene search
K

406 matches found

CNVD
CNVD
added 2023/09/12 12:0 a.m.20 views

iCMS Cross-Site Request Forgery Vulnerability (CNVD-2023-70069)

iCMS is a software application, an efficient and simple content management system built with PHP and MySQL. A cross-site request forgery vulnerability exists in iCMS version 7.0.16, which stems from the component dosave not adequately verifying that a request comes from a trusted user. The...

8.8CVSS8.7AI score0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/10 12:0 a.m.5 views

iCMS Code Issues Vulnerabilities

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A code issue vulnerability exists in iCMS versions prior to 2.16.1-git, which stems from a server-side request forgery SSRF vulnerability...

5.4CVSS7.1AI score0.00317EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/09/10 12:0 a.m.4 views

iCMS Cross-Site Scripting Vulnerability

iCMS is a software application. An efficient and clean content management system built with PHP and MySQL. A cross-site scripting vulnerability exists in versions prior to iCMS 2.16.1.-git, which stems from a stored cross-site scripting vulnerability...

4.8CVSS6AI score0.00348EPSS
Exploits1References4
OSV
OSV
added 2023/09/08 3:15 a.m.2 views

CVE-2023-40953

icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...

8.8CVSS5.8AI score0.00236EPSS
Exploits0References2
NVD
NVD
added 2023/09/08 3:15 a.m.10 views

CVE-2023-40953

icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...

8.8CVSS8.7AI score0.00236EPSS
Exploits0References2
Prion
Prion
added 2023/09/08 3:15 a.m.17 views

Cross site request forgery (csrf)

icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...

6.8CVSS8.7AI score0.00236EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/09/08 12:0 a.m.48 views

CVE-2023-40953

Affected software: iCMS 7.0.16. Vulnerability: Cross-Site Request Forgery (CSRF). Root cause (per sources): do_save() does not adequately verify that a request originates from a trusted user. Impact (as described): an attacker could forge a malicious request and trick a logged-in user into perfor...

8.8CVSS8.7AI score0.00236EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/08 12:0 a.m.10 views

CVE-2023-40953

icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...

6.9AI score0.00236EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/09/08 12:0 a.m.15 views

CVE-2023-40953

icms 7.0.16 is vulnerable to Cross Site Request Forgery CSRF...

8.9AI score0.00236EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/08 12:0 a.m.6 views

iCMS 跨站请求伪造漏洞

iCMS is a software application, an efficient and simple content management system built with PHP and MySQL. A cross-site request forgery vulnerability exists in iCMS version 7.0.16, which stems from the component dosave not adequately verifying that a request comes from a trusted user. The...

8.8CVSS6.8AI score0.00236EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/01 12:0 a.m.5 views

icms security breach

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in icms version 2.16.1-git, which is caused by an External Control of System or Configuration Setting vulnerability...

8.8CVSS6.8AI score0.00739EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/09/01 12:0 a.m.6 views

PT-2023-30294 · Instantsoft · Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git. Description: The issue allows for external control of system or configuration settings. Recommendations: For versions prior to 2.16.1-git, update to version 2.16.1-git or later to resolve the...

8.8CVSS6.7AI score0.00739EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.3 views

iCMS 安全漏洞

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in iCMS versions prior to 2.16.1, which arises from a sensitive cookie in an HTTPS session that does not have a security attribute...

3.5CVSS5AI score0.00289EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.5 views

iCMS2 跨站脚本漏洞

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A cross-site scripting vulnerability exists in iCMS2 versions prior to 2.16.1-git, which is rooted in vulnerability to stored cross-site scripting XSS attacks...

5.9CVSS5.2AI score0.00426EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.6 views

iCMS2 代码问题漏洞

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A code issue vulnerability exists in iCMS2 versions prior to 2.16.1, which stems from vulnerability to server-side request forgery SSRF attacks...

6.4CVSS6.3AI score0.00349EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.6 views

iCMS 授权问题漏洞

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. An authorization issue vulnerability exists in iCMS versions prior to 2.16.1, which originates from an authentication cookie not being updated after a successful login...

5.4CVSS5.2AI score0.00368EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/08/16 12:0 a.m.5 views

iCMS 安全漏洞

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in iCMS versions prior to 2.16.1-git, which stems from an unauthenticated password change...

4.3CVSS5.1AI score0.00358EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/08/10 8:15 p.m.5 views

CVE-2023-39806

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function...

9.8CVSS7.4AI score0.00593EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/08/10 8:15 p.m.6 views

CVE-2023-39805

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php...

9.8CVSS7.4AI score0.00593EPSS
Exploits0References4
OSV
OSV
added 2023/08/10 8:15 p.m.4 views

CVE-2023-39805

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php...

9.8CVSS5.8AI score0.00593EPSS
Exploits0References3
Rows per page
Query Builder