CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Prion•added 2019/04/22 11:29 a.m.•8 views

Cross site scripting

An XSS issue was discovered in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter...

4.3CVSS6AI score0.0024EPSS

Exploits1References1Affected Software1

CVE•added 2019/04/21 9:35 p.m.•39 views

CVE-2019-11427

The CVE-2019-11427 entry concerns an XSS vulnerability in idreamsoft iCMS 7.0.14, exploitable via the public/api.php?app=search&q parameter within the file app/search/search.app.php. Connected sources consistently describe the issue as a Cross-Site Scripting vulnerability in iCMS 7.0.14, with no ...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

NVD•added 2019/02/18 2:29 p.m.•9 views

CVE-2019-8902

An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI...

5.7CVSS5.6AI score0.0008EPSS

Exploits1References1

Cvelist•added 2018/09/14 7:0 a.m.•8 views

CVE-2018-17049

CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action...

6AI score0.0028EPSS

Exploits1References1

Prion•added 2018/07/10 8:29 p.m.•10 views

Design/Logic Flaw

An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism...

4.3CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by