Icms Security Vulnerabilities and Issues — Icms CVE List

Lucene search

IdreamsoftIcms

6 matches found

CVE•added 2019/10/14 4:15 p.m.•52 views

CVE-2019-17583

idreamsoft iCMS 7.0.15 allows remote attackers to cause a denial of service (resource consumption) via a query for many comments, as demonstrated by the admincp.php?app=comment&perpage= substring followed by a large positive integer.

7.5CVSS7.4AI score0.00807EPSS

CVE•added 2022/02/04 4:15 p.m.•37 views

CVE-2021-44977

In iCMS

7.5CVSS7.4AI score0.00431EPSS

CVE•added 2019/01/30 9:29 p.m.•33 views

CVE-2019-7235

An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to designate an arbitrary directory because of an apps.admincp.php error. This directory can then be deleted via an admincp.php?app=apps&do=uninstall request.

7.5CVSS7.5AI score0.00619EPSS

CVE•added 2019/01/30 9:29 p.m.•30 views

CVE-2019-7236

An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admincp.php allows admincp.php?app=editor&do=fileManager dir=../ Directory Traversal.

7.5CVSS7.5AI score0.00431EPSS

CVE•added 2018/09/01 6:29 p.m.•26 views

CVE-2018-16320

idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.

7.2CVSS7.2AI score0.00845EPSS

CVE•added 2019/01/30 9:29 p.m.•25 views

CVE-2019-7237

An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/editor.admincp.php allows admincp.php?app=files&do=browse ..\ Directory Traversal.

7.5CVSS7.5AI score0.00431EPSS