Lucene search
K

114 matches found

Vulnrichment
Vulnrichment
added 2023/08/31 12:0 a.m.15 views

CVE-2023-4650 Improper Access Control in instantsoft/icms2

Improper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.7CVSS6.8AI score0.00453EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/08/31 12:0 a.m.36 views

CVE-2023-4649 Session Fixation in instantsoft/icms2

Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...

4.3CVSS5.7AI score0.00368EPSS
Exploits1References2
OSV
OSV
added 2023/08/31 12:0 a.m.22 views

CVE-2023-4652 Cross-site Scripting (XSS) - Stored in instantsoft/icms2

Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

6.8CVSS6.5AI score0.00438EPSS
Exploits1References4
CVE
CVE
added 2023/08/31 12:0 a.m.36 views

CVE-2023-4652

CVE-2023-4652 is a stored Cross-site Scripting (XSS) vulnerability affecting instantsoft/icms2 releases prior to 2.16.1-git. Multiple sources confirm the issue is a stored XSS in icms2, with exploitation via attacker-supplied input that can induce script execution in an affected user’s browser. P...

6.8CVSS5.6AI score0.00438EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.5 views

iCMS2 跨站脚本漏洞

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A cross-site scripting vulnerability exists in iCMS2 versions prior to 2.16.1-git, which is rooted in vulnerability to stored cross-site scripting XSS attacks...

6.8CVSS5.9AI score0.00438EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.6 views

PT-2023-30049 · Instantsoft · Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1 Description: The issue concerns a session fixation problem. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents...

5.4CVSS4.6AI score0.00368EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.7 views

PT-2023-30070 · Unknown · Instantsoft/Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1 Description: The issue concerns a sensitive cookie in an HTTPS session that lacks the 'Secure' attribute. This problem is identified in the GitHub repository instantsoft/icms2. Recommendations: For...

3.5CVSS3.6AI score0.00289EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.6 views

PT-2023-30080 · Icms2 · Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1 Description: The issue is related to Cross-site Scripting XSS - Reflected. This is a type of attack where an attacker injects malicious code into a website, and the website reflects the code back to...

6.1CVSS4.6AI score0.00408EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.5 views

PT-2023-30060 · Unknown · Instantsoft/Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git Description: The issue concerns improper access control. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incident...

4.7CVSS4.6AI score0.00453EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.4 views

PT-2023-30069 · Instantsoft · Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git Description: The issue is related to Cross-site Scripting XSS - Stored. This means that an attacker can inject malicious scripts into a website, which are then stored on the server and executed b...

5.9CVSS4.9AI score0.00426EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.5 views

PT-2023-30065 · Unknown · Instantsoft/Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1 Description: The issue is related to Server-Side Request Forgery SSRF in the GitHub repository instantsoft/icms2. This allows an attacker to trick the server into making unintended requests...

6.4CVSS5.8AI score0.00349EPSS
Exploits1References6
Prion
Prion
added 2023/08/16 12:15 p.m.14 views

Default credentials

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4CVSS4.6AI score0.00358EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/16 11:2 a.m.42 views

CVE-2023-4381

CVE-2023-4381 affects the instantsoft/icms2 CMS prior to version 2.16.1-git. The root cause is an unverified password change, enabling an attacker to change a user’s password without proper verification. Impact is described as minimal in the CVSS data, but the issue enables unauthorized password ...

4.3CVSS4.6AI score0.00358EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/16 11:2 a.m.17 views

CVE-2023-4381 Unverified Password Change in instantsoft/icms2

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.3CVSS6.8AI score0.00358EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/16 11:2 a.m.32 views

CVE-2023-4381 Unverified Password Change in instantsoft/icms2

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.3CVSS4.9AI score0.00358EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/16 12:0 a.m.4 views

PT-2023-28998 · Unknown · Instantsoft/Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git. Description: The issue concerns an unverified password change in the GitHub repository instantsoft/icms2. Recommendations: For versions prior to 2.16.1-git, update to version 2.16.1-git or later...

4.3CVSS4.7AI score0.00358EPSS
Exploits0References11
NVD
NVD
added 2023/08/05 8:15 p.m.24 views

CVE-2023-4189

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.8CVSS5AI score0.00409EPSS
Exploits1References2
Prion
Prion
added 2023/08/05 8:15 p.m.14 views

Sql injection

SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

7.5CVSS9.6AI score0.00777EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/08/05 7:17 p.m.22 views

CVE-2023-4189 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.8CVSS5.1AI score0.00409EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/08/05 7:17 p.m.29 views

CVE-2023-4189 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.8CVSS5.2AI score0.00409EPSS
Exploits1References2
Rows per page
Query Builder