Vulnerabilities > Idreamsoft > Icms > 7.0.13
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2021-44977 | Path Traversal vulnerability in Idreamsoft Icms In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files. | 7.5 |
| 2022-02-04 | CVE-2021-44978 | Code Injection vulnerability in Idreamsoft Icms iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability which causes remote code execution. | 9.8 |
| 2021-04-30 | CVE-2020-18070 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php". | 9.1 |
| 2019-02-18 | CVE-2019-8902 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms An issue was discovered in idreamsoft iCMS through 7.0.14. | 5.7 |
| 2019-01-30 | CVE-2019-7237 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. | 7.5 |
| 2019-01-30 | CVE-2019-7236 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 An issue was discovered in idreamsoft iCMS 7.0.13. | 7.5 |
| 2019-01-30 | CVE-2019-7235 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 An issue was discovered in idreamsoft iCMS 7.0.13. | 7.5 |
| 2019-01-30 | CVE-2019-7234 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 An issue was discovered in idreamsoft iCMS 7.0.13. | 9.1 |
| 2019-01-29 | CVE-2019-7160 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir parameter to files.admincp.php, resulting in execution of arbitrary PHP code from a ZIP file via the admincp.php?app=apps zipfile parameter to apps.admincp.php. | 9.8 |