Lucene search
ThecosyIcecms1.0.0
3 matches found
CVE-2023-33356
IceCMS v1.0.0 is vulnerable to Cross Site Scripting (XSS).
5.4CVSS5.3AI score0.00078EPSS
CVE-2023-33355
IceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to the API, resulting in the disclosure of sensitive information.
7.5CVSS7.3AI score0.00074EPSS
CVE-2023-40833
An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker to gain privileges via the Id and key parameters in getCosSetting.
9.8CVSS9.4AI score0.00436EPSS