Dreamer Cms Security Vulnerabilities and Issues — Dreamer Cms CVE List

Lucene search

IteachyouDreamer Cms

9 matches found

CVE•added 2023/03/16 2:15 a.m.•63 views

CVE-2023-27084

Permissions vulnerability found in isoftforce Dreamer CMS v.4.0.1 allows local attackers to obtain sensitive information via the AttachmentController parameter.

5.3CVSS4.9AI score0.00023EPSS

CVE•added 2025/04/27 5:15 p.m.•50 views

CVE-2025-3977

A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/attachment/download of the component Attachment Handler. The manipulation of the argument ID leads to improper authoriza...

5.3CVSS4.7AI score0.00033EPSS

CVE•added 2023/01/26 9:18 p.m.•45 views

CVE-2023-0513

A vulnerability has been found in isoftforce Dreamer CMS up to 4.0.1 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading ...

5.4CVSS4.4AI score0.00294EPSS

CVE•added 2025/02/21 4:15 p.m.•44 views

CVE-2025-1543

A vulnerability, which was classified as problematic, has been found in iteachyou Dreamer CMS 4.1.3. This issue affects some unknown processing of the file /resource/js/ueditor-1.4.3.3. The manipulation leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to...

5.3CVSS4.6AI score0.00106EPSS

CVE•added 2023/04/18 3:15 p.m.•42 views

CVE-2023-29774

Dreamer CMS 3.0.1 is vulnerable to stored Cross Site Scripting (XSS).

5.4CVSS5.3AI score0.00084EPSS

CVE•added 2023/03/30 11:15 p.m.•41 views

CVE-2023-1746

A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0. Affected is an unknown function of the component File Upload Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-224634 is the identifier assigned to th...

5.4CVSS4.4AI score0.0007EPSS

CVE•added 2025/02/21 5:15 p.m.•35 views

CVE-2025-1548

A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/archives/edit. The manipulation of the argument editorValue/answer/content leads to cross site scripting. The attack can be initiated remotely. T...

5.1CVSS3.7AI score0.00026EPSS

CVE•added 2023/12/08 3:15 p.m.•30 views

CVE-2023-49484

Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting (XSS) vulnerability in the article management department.

5.4CVSS5.3AI score0.00101EPSS

CVE•added 2023/09/27 3:19 p.m.•28 views

CVE-2023-43857

Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toIndex.

5.4CVSS5.3AI score0.00251EPSS