Vulnerabilities > Icmsdev > Icms > 7.0.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-29 | CVE-2018-18702 | SQL Injection vulnerability in Icmsdev Icms 7.0.11 spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion. | 7.5 |
| 2018-09-01 | CVE-2018-16314 | Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0.11 An issue was discovered in admincp.php in idreamsoft iCMS 7.0.11. | 6.8 |