Vulnerabilities > Dreamer CMS Project > Dreamer CMS > 3.5.0

DATE CVE VULNERABILITY TITLE RISK
2023-11-29 CVE-2023-46886 Path Traversal vulnerability in Dreamer CMS Project Dreamer CMS
Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal.
network
low complexity
dreamer-cms-project CWE-22
critical
 9.1
9.1
2023-11-29 CVE-2023-46887 Download of Code Without Integrity Check vulnerability in Dreamer CMS Project Dreamer CMS
In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File Download vulnerability.
network
low complexity
dreamer-cms-project CWE-494
7.5
7.5
2023-09-03 CVE-2023-4743 Files or Directories Accessible to External Parties vulnerability in Dreamer CMS Project Dreamer CMS
A vulnerability was found in Dreamer CMS up to 4.1.3.
network
high complexity
dreamer-cms-project CWE-552
4.8
4.8
2023-05-02 CVE-2023-2473 Algorithmic Complexity vulnerability in Dreamer CMS Project Dreamer CMS
A vulnerability was found in Dreamer CMS up to 4.1.3.
network
low complexity
dreamer-cms-project CWE-407
7.5
7.5
2023-03-30 CVE-2023-1746 Cross-site Scripting vulnerability in Dreamer CMS Project Dreamer CMS
A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0.
network
low complexity
dreamer-cms-project CWE-79
5.4
5.4
2023-01-26 CVE-2023-0513 Cross-site Scripting vulnerability in Dreamer CMS Project Dreamer CMS
A vulnerability has been found in isoftforce Dreamer CMS up to 4.0.1 and classified as problematic.
network
low complexity
dreamer-cms-project CWE-79
5.4
5.4