Filtered by vendor Innovative Cms Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-4219 1 Innovative Cms 1 Innovative Cms 2024-11-21 N/A
setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be processed before content is returned to the user, so this might not be a vulnerability.
CVE-2024-7899 2 Innocms, Innovative Cms 2 Innocms, Innovative Cms 2024-08-20 4.7 Medium
A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue affects some unknown processing of the file /panel/pages/1/edit of the component Backend. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.