Lucene search
K

51 matches found

RedhatCVE
RedhatCVE
added 2025/06/06 6:21 a.m.17 views

CVE-2025-5569

A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is...

6.5CVSS7.5AI score0.01269EPSS
Exploits1References1
OSV
OSV
added 2025/06/04 6:15 a.m.12 views

CVE-2025-5569

A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is...

8.8CVSS5.6AI score0.01269EPSS
Exploits1References7
NVD
NVD
added 2025/06/04 6:15 a.m.36 views

CVE-2025-5569

A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is...

8.8CVSS0.01269EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/06/04 5:31 a.m.9 views

CVE-2025-5569 IdeaCMS getList.html Goods sql injection

A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is...

6.5CVSS7.8AI score0.01269EPSS
Exploits1References7
CVE
CVE
added 2025/06/04 5:31 a.m.106 views

CVE-2025-5569

IdeaCMS

8.8CVSS6.9AI score0.01269EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2025/06/04 5:31 a.m.30 views

CVE-2025-5569 IdeaCMS getList.html Goods sql injection

A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is...

6.5CVSS0.01269EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/06/04 12:0 a.m.7 views

PT-2025-23769 · Ideacms · Ideacms

Name of the Vulnerable Software and Affected Versions: IdeaCMS versions up to 1.7 Description: A critical issue affects the function Article/Goods of the file "/api/v1.index.article/getList.html". The manipulation of the Field argument leads to SQL injection. The attack may be initiated remotely...

6.5CVSS6.8AI score0.01269EPSS
Exploits1References13
CNNVD
CNNVD
added 2025/06/04 12:0 a.m.6 views

IdeaCMS 注入漏洞

IdeaCMS is a shopping mall system of IdeaCMS open source. IdeaCMS 1.7 and previous versions of the injection vulnerability exists, the vulnerability stems from the file / api / v1.index.article / getList.html in the parameter Field improperly handled resulting in SQL injection...

8.8CVSS7AI score0.01269EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/07 10:24 p.m.22 views

CVE-2025-4291

A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

6.5CVSS6.9AI score0.00357EPSS
Exploits1References1
NVD
NVD
added 2025/05/05 10:15 p.m.24 views

CVE-2025-4291

A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

9.8CVSS0.00357EPSS
Exploits1References4
OSV
OSV
added 2025/05/05 10:15 p.m.5 views

CVE-2025-4291

A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

9.8CVSS5.3AI score
Exploits0References4
Cvelist
Cvelist
added 2025/05/05 10:0 p.m.24 views

CVE-2025-4291 IdeaCMS saveUpload unrestricted upload

A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

6.5CVSS0.00357EPSS
Exploits1References4
CVE
CVE
added 2025/05/05 10:0 p.m.57 views

CVE-2025-4291

IdeaCMS up to version 1.6 is affected by a vulnerability in the saveUpload function that allows unrestricted file uploads. The issue enables remote exploitation and has publicly disclosed exploit information. Connected sources corroborate the vulnerability in saveUpload and describe it as critica...

9.8CVSS6.9AI score0.00357EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/05 10:0 p.m.7 views

CVE-2025-4291 IdeaCMS saveUpload unrestricted upload

A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

6.5CVSS6.9AI score0.00357EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.6 views

IdeaCMS 代码问题漏洞

IdeaCMS is an open source shopping mall system by IdeaCMS. A code issue vulnerability exists in IdeaCMS 1.6 and earlier versions, which stems from improper handling of the function saveUpload, which can lead to arbitrary file uploads...

9.8CVSS6.6AI score0.00357EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/05/05 12:0 a.m.6 views

PT-2025-19803 · Ideacms · Ideacms

Name of the Vulnerable Software and Affected Versions: IdeaCMS versions up to 1.6 Description: A critical vulnerability was found in IdeaCMS, affecting the saveUpload function. This vulnerability allows for unrestricted upload and can be exploited remotely. The exploit has been disclosed to the...

6.5CVSS6.2AI score0.00357EPSS
Exploits1References10
CNVD
CNVD
added 2020/03/10 12:0 a.m.1 views

Arbitrary file upload vulnerability in ideacms In***.php file

ideacms is a lightweight PHP+Mysql enterprise website construction system, with CI framework as the core, to create a website construction system suitable for enterprise official website, group official website and personal blog program. ideacms In.php file has an arbitrary file upload...

7.3AI score
Exploits0
CNVD
CNVD
added 2018/09/04 12:0 a.m.2 views

IdeaCMS Cross-Site Scripting Vulnerability

IdeaCMS is a PHP and MySQL based enterprise website building system. A cross-site scripting vulnerability exists in IdeaCMS 2016-04-30 and earlier versions, which can be exploited by remote attackers to inject arbitrary Web script or HTML by sending the 'kw' parameter to...

6.1CVSS5.9AI score0.00655EPSS
Exploits0References1
NVD
NVD
added 2018/09/03 12:29 a.m.16 views

CVE-2018-16372

The issue was discovered in IdeaCMS through 2016-04-30. There is reflected XSS via the index.php?c=content&a=search kw parameter. NOTE: this product is discontinued...

6.1CVSS6AI score0.00655EPSS
Exploits0References1
Prion
Prion
added 2018/09/03 12:29 a.m.11 views

Cross site scripting

The issue was discovered in IdeaCMS through 2016-04-30. There is reflected XSS via the index.php?c=content&a=search kw parameter. NOTE: this product is discontinued...

4.3CVSS5.9AI score0.00655EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder