ReportizFlow
Filtered by vendor Idreamsoft
Subscriptions
Total
28 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16677 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 6.5 Medium |
| An issue was discovered in idreamsoft iCMS V7.0. admincp.php?app=members&do=del allows CSRF. | ||||
| CVE-2019-11427 | 1 Idreamsoft | 1 Icms | 2024-11-21 | N/A |
| An XSS issue was discovered in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter. | ||||
| CVE-2019-11426 | 1 Idreamsoft | 1 Icms | 2024-11-21 | N/A |
| An XSS issue was discovered in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter. | ||||
| CVE-2018-16366 | 1 Idreamsoft | 1 Icms | 2024-11-21 | N/A |
| An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF. | ||||
| CVE-2018-16365 | 1 Idreamsoft | 1 Icms | 2024-11-21 | N/A |
| An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF. | ||||
| CVE-2018-16332 | 1 Idreamsoft | 1 Icms | 2024-11-21 | N/A |
| An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability. | ||||
| CVE-2018-16320 | 1 Idreamsoft | 1 Icms | 2024-11-21 | N/A |
| idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file. | ||||
| CVE-2018-13865 | 1 Idreamsoft | 1 Icms | 2024-11-21 | N/A |
| An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism. | ||||