Dreamer Cms@4.1.0 Security Vulnerabilities and Issues — Dreamer Cms@4.1.0 CVE List

Lucene search

Dreamer Cms ProjectDreamer Cms4.1.0

4 matches found

CVE•added 2024/04/04 9:15 p.m.•61 views

CVE-2024-3311

A vulnerability was found in Dreamer CMS up to 4.1.3.0. It has been declared as critical. Affected by this vulnerability is the function ZipUtils.unZipFiles of the file controller/admin/ThemesController.java. The manipulation leads to path traversal. The attack can be launched remotely. The exploit...

8.8CVSS6.5AI score0.00207EPSS

CVE•added 2024/03/31 5:15 a.m.•49 views

CVE-2024-3118

A vulnerability, which was classified as critical, has been found in Dreamer CMS up to 4.1.3. This issue affects some unknown processing of the component Attachment Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the publ...

8.8CVSS6.4AI score0.00032EPSS

CVE•added 2023/09/03 11:15 p.m.•47 views

CVE-2023-4743

A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function of the file /upload/ueditorConfig?action=config. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The complexity of an...

4.8CVSS4.5AI score0.00063EPSS

CVE•added 2023/05/02 1:15 p.m.•32 views

CVE-2023-2473

A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be in...

7.5CVSS5.8AI score0.00047EPSS