Lucene search
K

113 matches found

Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.5 views

PT-2023-30060 · Unknown · Instantsoft/Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git Description: The issue concerns improper access control. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incident...

4.7CVSS4.6AI score0.00453EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.4 views

PT-2023-30069 · Instantsoft · Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git Description: The issue is related to Cross-site Scripting XSS - Stored. This means that an attacker can inject malicious scripts into a website, which are then stored on the server and executed b...

5.9CVSS4.9AI score0.00426EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.5 views

PT-2023-30065 · Unknown · Instantsoft/Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1 Description: The issue is related to Server-Side Request Forgery SSRF in the GitHub repository instantsoft/icms2. This allows an attacker to trick the server into making unintended requests...

6.4CVSS5.8AI score0.00349EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.5 views

PT-2023-30068 · Unknown · Instantsoft/Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git Description: The issue is related to Cross-site Scripting XSS - Stored, which affects the GitHub repository instantsoft/icms2. Recommendations: For versions prior to 2.16.1-git, update to version...

6.8CVSS5.7AI score0.00438EPSS
Exploits1References6
Prion
Prion
added 2023/08/16 12:15 p.m.14 views

Default credentials

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4CVSS4.6AI score0.00358EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/16 11:2 a.m.43 views

CVE-2023-4381

CVE-2023-4381 affects the instantsoft/icms2 CMS prior to version 2.16.1-git. The root cause is an unverified password change, enabling an attacker to change a user’s password without proper verification. Impact is described as minimal in the CVSS data, but the issue enables unauthorized password ...

4.3CVSS4.6AI score0.00358EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/16 11:2 a.m.17 views

CVE-2023-4381 Unverified Password Change in instantsoft/icms2

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.3CVSS6.8AI score0.00358EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/16 11:2 a.m.32 views

CVE-2023-4381 Unverified Password Change in instantsoft/icms2

Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.3CVSS4.9AI score0.00358EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/16 12:0 a.m.4 views

PT-2023-28998 · Unknown · Instantsoft/Icms2

Name of the Vulnerable Software and Affected Versions: instantsoft/icms2 versions prior to 2.16.1-git. Description: The issue concerns an unverified password change in the GitHub repository instantsoft/icms2. Recommendations: For versions prior to 2.16.1-git, update to version 2.16.1-git or later...

4.3CVSS4.7AI score0.00358EPSS
Exploits0References11
NVD
NVD
added 2023/08/05 8:15 p.m.25 views

CVE-2023-4189

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.8CVSS5AI score0.00409EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/08/05 7:17 p.m.29 views

CVE-2023-4189 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.8CVSS5.2AI score0.00409EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/08/05 7:17 p.m.16 views

CVE-2023-4189 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.8CVSS6.1AI score0.00409EPSS
Exploits1References2
CVE
CVE
added 2023/08/05 7:17 p.m.76 views

CVE-2023-4189

CVE-2023-4189 is a reflected XSS in instantsoft/icms2 before version 2.16.1-git. The Red Hat, NVD, and other sources confirm that the vulnerability arises from reflecting unsanitized user input in the URL, enabling an attacker to inject script. The Huntr entry provides a concrete PoC path showing...

4.8CVSS4.9AI score0.00409EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/08/05 7:17 p.m.22 views

CVE-2023-4189 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.8CVSS5.1AI score0.00409EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/08/05 7:10 p.m.31 views

CVE-2023-4188 SQL Injection in instantsoft/icms2

SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

9.8CVSS9.9AI score0.00777EPSS
Exploits1References2
CVE
CVE
added 2023/08/05 7:10 p.m.59 views

CVE-2023-4188

CVE-2023-4188 affects instantsoft/icms2. The Red Hat and NVD records, along with linked advisories, confirm a SQL Injection in instantsoft/icms2 prior to 2.16.1-git. The related Huntr entry describes an unauthenticated blind SQL injection in the /tags/autocomplete endpoint (term parameter) with a...

9.8CVSS9.8AI score0.00777EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/05 7:10 p.m.14 views

CVE-2023-4188 SQL Injection in instantsoft/icms2

SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

9.8CVSS7.9AI score0.00777EPSS
Exploits1References2
NVD
NVD
added 2023/08/05 6:15 p.m.27 views

CVE-2023-4187

Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.8CVSS4.2AI score0.00409EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/08/05 5:17 p.m.28 views

CVE-2023-4187 Cross-site Scripting (XSS) - Stored in instantsoft/icms2

Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

3.5CVSS5.2AI score0.00409EPSS
Exploits1References2
CVE
CVE
added 2023/08/05 5:17 p.m.67 views

CVE-2023-4187

CVE-2023-4187 affects instantsoft/icms2 prior to 2.16.1-git with stored XSS in content handled by the system. The vulnerability is documented across multiple feeds; a Proof-of-Concept is available (Huntr) showing stored XSS in the admin item title, indicating practical exploitability in a real UI...

4.8CVSS4.1AI score0.00409EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder