Vulnerabilities > Idreamsoft > Icms > 7.0.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2021-44977 | Path Traversal vulnerability in Idreamsoft Icms In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files. | 7.5 |
| 2022-02-04 | CVE-2021-44978 | Code Injection vulnerability in Idreamsoft Icms iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability which causes remote code execution. | 9.8 |
| 2019-02-18 | CVE-2019-8902 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms An issue was discovered in idreamsoft iCMS through 7.0.14. | 5.7 |
| 2018-09-02 | CVE-2018-16332 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.9 An issue was discovered in iCMS 7.0.9. | 8.8 |
| 2018-07-10 | CVE-2018-13865 | Cross-site Scripting vulnerability in Idreamsoft Icms 7.0.9 An issue was discovered in idreamsoft iCMS 7.0.9. | 6.1 |