5 matches found
CVE-2025-3977
A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/attachment/download of the component Attachment Handler. The manipulation of the argument ID leads to improper...
CVE-2025-3977
creationtimestamp| type| source ---|---|--- 2025-04-27 17:10:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13626 2025-04-27 19:40:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnsyy6fpd72h 2025-04-27 21:20:13+00:00| seen|...
CVE-2025-3977 iteachyou Dreamer CMS Attachment download improper authorization
A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/attachment/download of the component Attachment Handler. The manipulation of the argument ID leads to improper...
CVE-2025-3977 iteachyou Dreamer CMS Attachment download improper authorization
A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/attachment/download of the component Attachment Handler. The manipulation of the argument ID leads to improper...
CVE-2025-3977
CVE-2025-3977 affects iteachyou Dreamer CMS up to version 4.1.3. The vulnerability resides in the Attachment Handler’s file path /admin/attachment/download, where manipulating the parameter ID leads to improper authorization. The issue is exploitable remotely and, per sources, the exploit has bee...