Vulnerabilities > Icmsdev

DATE CVE VULNERABILITY TITLE RISK
2018-06-15 CVE-2018-12498 SQL Injection vulnerability in Icmsdev Icms 7.0.8
spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id parameter in an app=spider&do=batch request to admincp.php.
network
low complexity
icmsdev CWE-89
7.5
7.5
2018-04-20 CVE-2018-10250 Cross-site Scripting vulnerability in Icmsdev Icms 7.0.8
iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixin_category action, aka a WeChat Classified Management keyword search.
network
icmsdev CWE-79
3.5
3.5
2018-04-19 CVE-2018-10222 Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0
An issue was discovered in idreamsoft iCMS V7.0.
network
icmsdev CWE-352
6.8
6.8
2018-04-16 CVE-2018-10117 Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0.7
An issue was discovered in idreamsoft iCMS V7.0.7.
network
icmsdev CWE-352
6.8
6.8
2018-04-10 CVE-2018-9925 Cross-site Scripting vulnerability in Icmsdev Icms
An issue was discovered in idreamsoft iCMS through 7.0.7.
network
icmsdev CWE-79
3.5
3.5
2018-04-10 CVE-2018-9924 SQL Injection vulnerability in Icmsdev Icms
An issue was discovered in idreamsoft iCMS through 7.0.7.
network
low complexity
icmsdev CWE-89
7.5
7.5
2018-04-10 CVE-2018-9923 Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms
An issue was discovered in idreamsoft iCMS through 7.0.7.
network
icmsdev CWE-352
6.8
6.8
2018-04-10 CVE-2018-9922 Information Exposure vulnerability in Icmsdev Icms
An issue was discovered in idreamsoft iCMS through 7.0.7.
network
low complexity
icmsdev CWE-200
5.0
5.0