Filtered by vendor Innovative Cms
Subscriptions
Filtered by product Innovative Cms
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-4219 | 1 Innovative Cms | 1 Innovative Cms | 2024-11-21 | N/A |
setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be processed before content is returned to the user, so this might not be a vulnerability. | ||||
CVE-2024-7899 | 2 Innocms, Innovative Cms | 2 Innocms, Innovative Cms | 2024-08-20 | 4.7 Medium |
A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue affects some unknown processing of the file /panel/pages/1/edit of the component Backend. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
Page 1 of 1.