An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism.
6.1CVSS
5.9AI Score
0.001EPSS
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.
7.2CVSS
7.2AI Score
0.001EPSS
An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
8.8CVSS
8.6AI Score
0.001EPSS
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.
8.8CVSS
8.6AI Score
0.001EPSS
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF.
8.8CVSS
8.6AI Score
0.001EPSS
An XSS issue was discovered in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter.
6.1CVSS
5.9AI Score
0.001EPSS
An XSS issue was discovered in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter.
6.1CVSS
5.9AI Score
0.001EPSS
An issue was discovered in idreamsoft iCMS V7.0. admincp.php?app=members&do=del allows CSRF.
6.5CVSS
6.4AI Score
0.001EPSS
An issue was discovered in idreamsoft iCMS v7.0.14. There is a spider_project.admincp.php SQL injection vulnerability in the 'upload spider project scheme' feature via a two-dimensional payload.
9.8CVSS
9.7AI Score
0.002EPSS
idreamsoft iCMS 7.0.15 allows remote attackers to cause a denial of service (resource consumption) via a query for many comments, as demonstrated by the admincp.php?app=comment&perpage= substring followed by a large positive integer.
7.5CVSS
7.4AI Score
0.002EPSS
idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir parameter to files.admincp.php, resulting in execution of arbitrary PHP code from a ZIP file via the admincp.php?app=apps zipfile parameter to apps.admincp.php.
9.8CVSS
9.4AI Score
0.005EPSS
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to begin the process of creating a ZIP archive file with the complete contents of any directory because of an apps.admincp.php error. This ZIP archive file can then be downloaded...
9.1CVSS
8.9AI Score
0.004EPSS
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to designate an arbitrary directory because of an apps.admincp.php error. This directory can then be deleted via an admincp.php?app=apps&do=uninstall request.
7.5CVSS
7.5AI Score
0.001EPSS
An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admincp.php allows admincp.php?app=editor&do=fileManager dir=../ Directory Traversal.
7.5CVSS
7.5AI Score
0.009EPSS
An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/editor.admincp.php allows admincp.php?app=files&do=browse ..\ Directory Traversal.
7.5CVSS
7.5AI Score
0.009EPSS
An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
5.7CVSS
5.6AI Score
0.001EPSS
Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php".
9.1CVSS
9AI Score
0.003EPSS
iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.
9.8CVSS
9.7AI Score
0.004EPSS
iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.
9.8CVSS
9.7AI Score
0.004EPSS
iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admincp.php?app=members&do=add.
8.8CVSS
8.8AI Score
0.001EPSS
A CSRF vulnerability was found in iCMS v7.0.0 in the background deletion administrator account. When missing the CSRF_TOKEN and can still request normally, all administrators except the initial administrator will be deleted.
6.5CVSS
6.5AI Score
0.001EPSS
A Cross Site Request Forgery (CSRF) vulnerability was discovered in iCMS 7.0.16 which can allow an attacker to execute arbitrary web scripts.
8.8CVSS
8.8AI Score
0.001EPSS
In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files.
7.5CVSS
7.4AI Score
0.004EPSS
iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability which causes remote code execution.
9.8CVSS
9.7AI Score
0.008EPSS
iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at admincp.php.
9.8CVSS
9.5AI Score
0.003EPSS
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php.
9.8CVSS
9.7AI Score
0.002EPSS
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function.
9.8CVSS
9.8AI Score
0.002EPSS
8.8CVSS
8.7AI Score
0.001EPSS