An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the incomplete filtering...
9.8CVSS
9.7AI Score
0.003EPSS
Arbitrary File Read vulnerability found in Peacexie ImCat v.5.2 fixed in v.5.4 allows attackers to obtain sensitive information via the filtering_get_contents...
6.5CVSS
6.2AI Score
0.001EPSS
Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token...
8.8CVSS
8.8AI Score
0.001EPSS
Cross Site Request Forgery (CSRF) vulnerability in imcat 5.4 allows remote attackers to gain escalated privileges via flaws one time token generation on the add administrator...
8.8CVSS
9AI Score
0.001EPSS
A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attackers to execute arbitrary...
8.8CVSS
9AI Score
0.004EPSS
imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php...
5.3CVSS
5.1AI Score
0.002EPSS
4.9CVSS
5.2AI Score
0.001EPSS
imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie...
6.1CVSS
5.8AI Score
0.001EPSS
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1...
7.5CVSS
7.4AI Score
0.014EPSS
7.5CVSS
7.3AI Score
0.002EPSS
imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php...
5.3CVSS
5.1AI Score
0.002EPSS
imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php...
9.8CVSS
9.7AI Score
0.016EPSS
5.4CVSS
5.2AI Score
0.001EPSS
9.8CVSS
9.9AI Score
0.002EPSS
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture...
7.2CVSS
7.4AI Score
0.003EPSS
An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs...
9.8CVSS
9.8AI Score
0.002EPSS