Icms Security Vulnerabilities and Issues — Icms CVE List

Lucene search

IdreamsoftIcms

5 matches found

CVE•added 2018/09/02 3:29 a.m.•31 views

CVE-2018-16332

An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.

8.8CVSS8.6AI score0.00145EPSS

CVE•added 2018/09/02 10:29 p.m.•30 views

CVE-2018-16365

An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.

8.8CVSS8.6AI score0.00145EPSS

CVE•added 2018/07/10 8:29 p.m.•28 views

CVE-2018-13865

An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism.

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2018/09/02 10:29 p.m.•28 views

CVE-2018-16366

An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF.

8.8CVSS8.6AI score0.00145EPSS

CVE•added 2018/09/01 6:29 p.m.•26 views

CVE-2018-16320

idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.

7.2CVSS7.2AI score0.00845EPSS