4.1.3

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-17	CVE-2023-45907	Cross-Site Request Forgery (CSRF) vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/delete. network low complexity dreamer-cms-project CWE-352	8.8
2023-09-27	CVE-2023-43856	Files or Directories Accessible to External Parties vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java. network low complexity dreamer-cms-project CWE-552	7.5
2023-09-27	CVE-2023-43857	Cross-site Scripting vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toIndex. network low complexity dreamer-cms-project CWE-79	5.4
2023-09-03	CVE-2023-4743	Files or Directories Accessible to External Parties vulnerability in Dreamer CMS Project Dreamer CMS A vulnerability was found in Dreamer CMS up to 4.1.3. network high complexity dreamer-cms-project CWE-552	4.8
2023-05-02	CVE-2023-2473	Algorithmic Complexity vulnerability in Dreamer CMS Project Dreamer CMS A vulnerability was found in Dreamer CMS up to 4.1.3. network low complexity dreamer-cms-project CWE-407	7.5