iDreamSoft iCMS 7.0.9

CPE Details

iDreamSoft iCMS 7.0.9
idreamsoft
icms
7.0.9
2019-01-29
17h43 +00:00
2019-01-29
17h43 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:idreamsoft:icms:7.0.9:*:*:*:*:*:*:*

Informations

Vendor

idreamsoft

Product

icms

Version

7.0.9

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-44977 2022-02-04 14h35 +00:00 In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files.
7.5
Haute
CVE-2021-44978 2022-02-04 14h29 +00:00 iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability which causes remote code execution.
9.8
Critique
CVE-2019-8902 2019-02-18 14h00 +00:00 An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
5.7
Moyen
CVE-2018-16332 2018-09-02 01h00 +00:00 An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
8.8
Haute
CVE-2018-13865 2018-07-10 20h00 +00:00 An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism.
6.1
Moyen