Dreamer CMS

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-17	CVE-2023-45905	Cross-Site Request Forgery (CSRF) vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/add. network low complexity dreamer-cms-project CWE-352	8.8
2023-10-17	CVE-2023-45906	Cross-Site Request Forgery (CSRF) vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/user/add. network low complexity dreamer-cms-project CWE-352	8.8
2023-10-17	CVE-2023-45907	Cross-Site Request Forgery (CSRF) vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/delete. network low complexity dreamer-cms-project CWE-352	8.8
2023-09-27	CVE-2023-43856	Files or Directories Accessible to External Parties vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java. network low complexity dreamer-cms-project CWE-552	7.5
2023-09-27	CVE-2023-43857	Cross-site Scripting vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toIndex. network low complexity dreamer-cms-project CWE-79	5.4
2023-09-03	CVE-2023-4743	Unspecified vulnerability in Dreamer CMS Project Dreamer CMS A vulnerability was found in Dreamer CMS up to 4.1.3. network high complexity dreamer-cms-project	4.8
2023-05-02	CVE-2023-2473	Unspecified vulnerability in Dreamer CMS Project Dreamer CMS A vulnerability was found in Dreamer CMS up to 4.1.3. network low complexity dreamer-cms-project	7.5
2023-03-30	CVE-2023-1746	Cross-site Scripting vulnerability in Dreamer CMS Project Dreamer CMS A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0. network low complexity dreamer-cms-project CWE-79	5.4
2023-03-16	CVE-2023-27084	Incorrect Permission Assignment for Critical Resource vulnerability in Dreamer CMS Project Dreamer CMS 4.0.1 Permissions vulnerability found in isoftforce Dreamer CMS v.4.0.1 allows local attackers to obtain sensitive information via the AttachmentController parameter. local high complexity dreamer-cms-project CWE-732	5.3
2023-01-26	CVE-2023-0513	Unspecified vulnerability in Dreamer CMS Project Dreamer CMS A vulnerability has been found in isoftforce Dreamer CMS up to 4.0.1 and classified as problematic. network low complexity dreamer-cms-project	5.4