Filtered by vendor Idreamsoft
Subscribe
Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-7237 | 2 Idreamsoft, Microsoft | 2 Icms, Windows | 2019-01-31 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/editor.admincp.php allows admincp.php?app=files&do=browse ..\ Directory Traversal. | |||||
CVE-2019-7236 | 1 Idreamsoft | 1 Icms | 2019-01-31 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admincp.php allows admincp.php?app=editor&do=fileManager dir=../ Directory Traversal. | |||||
CVE-2018-16320 | 1 Idreamsoft | 1 Icms | 2018-11-02 | 6.5 MEDIUM | 7.2 HIGH |
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file. | |||||
CVE-2018-16332 | 1 Idreamsoft | 1 Icms | 2018-10-24 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability. | |||||
CVE-2018-13865 | 1 Idreamsoft | 1 Icms | 2018-09-06 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism. |