Lucene search
+L

406 matches found

OSV
OSV
added 2018/04/20 6:29 p.m.2 views

CVE-2018-10250

iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixincategory action, aka a WeChat Classified Management keyword search...

5.4CVSS5.8AI score0.00637EPSS
Exploits1References1
NVD
NVD
added 2018/04/20 6:29 p.m.16 views

CVE-2018-10250

iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixincategory action, aka a WeChat Classified Management keyword search...

5.4CVSS5.3AI score0.00637EPSS
Exploits1References1
CVE
CVE
added 2018/04/20 6:0 p.m.41 views

CVE-2018-10250

iCMS v7.0.8 contains a Cross-Site Scripting (XSS) vulnerability in the weixin_category action, exploited via the admincp.php keywords parameter. The issue arises from insufficient sanitization of the keywords input, enabling injection of arbitrary script/HTML when interacting with the WeChat Clas...

5.4CVSS5.2AI score0.00637EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/04/20 6:0 p.m.13 views

CVE-2018-10250

iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixincategory action, aka a WeChat Classified Management keyword search...

5.3AI score0.00637EPSS
Exploits1References1
OSV
OSV
added 2018/04/19 8:29 a.m.5 views

CVE-2018-10222

An issue was discovered in idreamsoft iCMS V7.0. There is a CSRF vulnerability that can add a Column via /admincp.php?app=articlecategory&do=save&frame=iPHP...

8.8CVSS5.8AI score0.00614EPSS
Exploits1References1
Prion
Prion
added 2018/04/19 8:29 a.m.14 views

Cross site request forgery (csrf)

An issue was discovered in idreamsoft iCMS V7.0. There is a CSRF vulnerability that can add a Column via /admincp.php?app=articlecategory&do=save&frame=iPHP...

6.8CVSS8.6AI score0.00614EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/04/19 8:29 a.m.14 views

CVE-2018-10222

An issue was discovered in idreamsoft iCMS V7.0. There is a CSRF vulnerability that can add a Column via /admincp.php?app=articlecategory&do=save&frame=iPHP...

8.8CVSS8.7AI score0.00614EPSS
Exploits1References1
CVE
CVE
added 2018/04/19 8:0 a.m.42 views

CVE-2018-10222

CVE-2018-10222 concerns idreamsoft iCMS V7.0. A CSRF vulnerability exists that can cause adding a Column via the request path /admincp.php?app=article_category&do=save&frame=iPHP. The connected CNVD and CNVD-derived records describe this same CSRF issue in iCMS 7.0, with no public details on affe...

8.8CVSS8.6AI score0.00614EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/04/19 8:0 a.m.17 views

CVE-2018-10222

An issue was discovered in idreamsoft iCMS V7.0. There is a CSRF vulnerability that can add a Column via /admincp.php?app=articlecategory&do=save&frame=iPHP...

8.7AI score0.00614EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/18 12:0 a.m.4 views

idreamsoft iCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-08768)

idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in idreamsoft iCMS version 7.0.7. A remote attacker can exploit this vulnerability to add an administrative account with the help of...

8.8CVSS7AI score0.00554EPSS
Exploits1References1
OSV
OSV
added 2018/04/16 9:58 a.m.2 views

CVE-2018-10117

An issue was discovered in idreamsoft iCMS V7.0.7. There is a CSRF vulnerability that can add an admin account via admincp.php?app=members&do=save&frame=iPHP...

8.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2018/04/16 9:58 a.m.10 views

CVE-2018-10117

An issue was discovered in idreamsoft iCMS V7.0.7. There is a CSRF vulnerability that can add an admin account via admincp.php?app=members&do=save&frame=iPHP...

8.8CVSS8.7AI score0.00554EPSS
Exploits1References1
Prion
Prion
added 2018/04/16 9:58 a.m.12 views

Cross site request forgery (csrf)

An issue was discovered in idreamsoft iCMS V7.0.7. There is a CSRF vulnerability that can add an admin account via admincp.php?app=members&do=save&frame=iPHP...

6.8CVSS8.6AI score0.00554EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/04/15 11:0 a.m.44 views

CVE-2018-10117

The connected records confirm CVE-2018-10117 affects idreamsoft iCMS v7.0.7. The vulnerability is a CSRF flaw that enables an attacker to add an administrative account via the request: admincp.php?app=members&do=save&frame=iPHP. Root cause: CSRF in the admin account creation flow. Impact: potenti...

8.8CVSS8.6AI score0.00554EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/04/15 11:0 a.m.19 views

CVE-2018-10117

An issue was discovered in idreamsoft iCMS V7.0.7. There is a CSRF vulnerability that can add an admin account via admincp.php?app=members&do=save&frame=iPHP...

8.7AI score0.00554EPSS
Exploits1References1
Prion
Prion
added 2018/04/10 6:29 a.m.15 views

Cross site request forgery (csrf)

An issue was discovered in idreamsoft iCMS through 7.0.7. XSS exists via the nickname field in an admincp.php?app=user&do=save&frame=iPHP request...

3.5CVSS5.2AI score0.00644EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/04/10 6:29 a.m.13 views

CVE-2018-9922

An issue was discovered in idreamsoft iCMS through 7.0.7. Physical path leakage exists via an invalid nickname field that reveals a core/library/weixin.class.php pathname...

5.3CVSS5.3AI score0.01188EPSS
Exploits1References1
Prion
Prion
added 2018/04/10 6:29 a.m.10 views

Sql injection

An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request...

7.5CVSS9.8AI score0.01468EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/04/10 6:29 a.m.12 views

CVE-2018-9924

An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request...

9.8CVSS9.9AI score0.01468EPSS
Exploits1References1
NVD
NVD
added 2018/04/10 6:29 a.m.18 views

CVE-2018-9923

An issue was discovered in idreamsoft iCMS through 7.0.7. CSRF exists in admincp.php, as demonstrated by adding an article via an app=article&do=save&frame=iPHP request...

8.8CVSS8.7AI score0.00621EPSS
Exploits1References1
Rows per page
Query Builder