Dreamer Cms Security Vulnerabilities and Issues — Dreamer Cms CVE List

Lucene search

IteachyouDreamer Cms

5 matches found

CVE•added 2023/09/27 3:19 p.m.•81 views

CVE-2023-43856

Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java.

7.5CVSS7.5AI score0.00158EPSS

CVE•added 2023/09/21 6:15 p.m.•59 views

CVE-2023-42279

Dreamer CMS v4.1.3 was discovered to contain a SQL injection vulnerability via the model-form-management-field form.

9.8CVSS9.8AI score0.00066EPSS

CVE•added 2023/09/03 11:15 p.m.•47 views

CVE-2023-4743

A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function of the file /upload/ueditorConfig?action=config. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The complexity of an...

4.8CVSS4.5AI score0.00063EPSS

CVE•added 2023/09/27 3:19 p.m.•28 views

CVE-2023-43857

Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toIndex.

5.4CVSS5.3AI score0.00251EPSS

CVE•added 2023/09/25 4:15 p.m.•27 views

CVE-2023-43382

Directory Traversal vulnerability in itechyou dreamer CMS v.4.1.3 allows a remote attacker to execute arbitrary code via the themePath in the uploaded template function.

8.8CVSS8.8AI score0.02724EPSS