CVE-2023-6758

The CVE-2023-6758 entry affects Thecosy IceCMS 2.0.1, specifically the API endpoint /adplanet/PlanetCommentList. The issue is an improper access control in an unknown functionality of that API component, with remote exploitation possible and public disclosure of the exploit. Multiple sources corr...

Information disclosure

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /adplanet/PlanetUser of the component API. The manipulation leads to information disclosure. The attack can be launched remotely. The...

IceCMS Access Control Error Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. An Access Control Error vulnerability exists in Thecosy IceCMS version 2.0.1, which stems from the presence of an unknown function in /adplanet/PlanetCommentList in...

PT-2023-32761 · Thecosy · Thecosy Icecms

Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1 Description: A critical issue affects some unknown functionality of the file /adplanet/PlanetCommentList of the component API, leading to improper access controls. The attack may be launched remotely...

IceCMS Information Disclosure Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation of NgShow individual developers. An information leakage vulnerability exists in IceCMS version 2.0.1, which originates from the presence of an unknown function in /adplanet/PlanetUser in the API...