CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

ATTACKERKB•added 2023/10/17 2:15 p.m.•0 views

CVE-2023-45907

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/variable/delete...

8.8CVSS5.8AI score0.00099EPSS

Exploits1References2

CVE•added 2023/10/17 12:0 a.m.•99 views

CVE-2023-45907

Dreamer CMS v4.1.3 contains a Cross-Site Request Forgery (CSRF) in the /admin/variable/delete component. The vulnerability is recorded as CVE-2023-45907 with CVSS v3.1 base score 8.8 (HIGH); attack vector is NETWORK, no privileges required, user interaction required, and impact to confidentiality...

8.8CVSS8.8AI score0.00099EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/10/17 12:0 a.m.•3 views

Dreamer CMS Cross-Site Request Forgery Vulnerability

Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS version v4.1.3. An attacker can exploit this vulnerability to conduct cross-site request forgery CSRF attacks via the component /admin/variable/delet...

8.8CVSS6.8AI score0.00099EPSS

Exploits1References2

Positive Technologies•added 2023/10/17 12:0 a.m.•3 views

PT-2023-29761 · Unknown · Dreamer Cms

Name of the Vulnerable Software and Affected Versions: Dreamer CMS version 4.1.3 Description: A Cross-Site Request Forgery CSRF issue was discovered in Dreamer CMS via the component /admin/variable/delete. This allows for unauthorized actions to be performed on the application. Recommendations: F...

8.8CVSS7AI score0.00099EPSS

Exploits1References8