7 matches found

RedhatCVE
added 2025/05/23 8:26 a.m., 21 views

CVE-2024-46612

IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication information...

CVSS 9.8, AI score 7.5, EPSS 0.00625
Exploits: 1, References: 1

NVD
added 2024/09/25 1:15 a.m., 16 views

CVE-2024-46612

IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication information...

CVSS 9.8, EPSS 0.00625
Exploits: 1, References: 2

Vulnrichment
added 2024/09/24 12:0 a.m., 14 views

CVE-2024-46612

IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication information...

AI score 7.5, EPSS 0.00625
Exploits: 1, References: 2

Cvelist
added 2024/09/24 12:0 a.m., 12 views

CVE-2024-46607

Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the username and password via the loginAdmin method in the UserController.java file...

EPSS 0.00573
Exploits: 1, References: 3

Cvelist
added 2024/09/24 12:0 a.m., 11 views

CVE-2024-46610

An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java...

EPSS 0.00442
Exploits: 1, References: 2

Cvelist
added 2024/09/24 12:0 a.m., 11 views

CVE-2024-46609

An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to access and returns all user information, including passwords...

EPSS 0.00667
Exploits: 1, References: 2

CVE
added 2024/09/24 12:0 a.m., 85 views

CVE-2024-46612

IceCMS v3.4.7 and earlier versions contain a hardcoded JWT key, enabling an attacker to forge JWT authentication information. Affected component is the authentication/key handling within IceCMS. Impact is authenticated access forgery with high severity as described in cited sources; exploitation ...

CVSS 9.8, AI score 7.5, EPSS 0.00625
Exploits: 1, References: 2, Affected Software: 1