Icms@7.0.0 Security Vulnerabilities and Issues — Icms@7.0.0 CVE List

Lucene search

IdreamsoftIcms7.0.0

3 matches found

CVE•added 2019/09/21 8:15 p.m.•67 views

CVE-2019-16677

An issue was discovered in idreamsoft iCMS V7.0. admincp.php?app=members&do=del allows CSRF.

6.5CVSS6.4AI score0.00098EPSS

CVE•added 2020/12/10 11:15 p.m.•26 views

CVE-2020-19142

iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.

10CVSS9.7AI score0.00394EPSS

CVE•added 2020/09/10 2:15 p.m.•25 views

CVE-2020-24739

A CSRF vulnerability was found in iCMS v7.0.0 in the background deletion administrator account. When missing the CSRF_TOKEN and can still request normally, all administrators except the initial administrator will be deleted.

6.5CVSS6.5AI score0.00098EPSS