Vulnerabilities > Idreamsoft > Icms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-10 | CVE-2020-24739 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.0 A CSRF vulnerability was found in iCMS v7.0.0 in the background deletion administrator account. | 6.5 |
| 2019-09-21 | CVE-2019-16677 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.0 An issue was discovered in idreamsoft iCMS V7.0. | 6.5 |
| 2019-04-22 | CVE-2019-11427 | Cross-site Scripting vulnerability in Idreamsoft Icms 7.0.14 An XSS issue was discovered in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter. | 6.1 |
| 2019-04-22 | CVE-2019-11426 | Cross-site Scripting vulnerability in Idreamsoft Icms 7.0.14 An XSS issue was discovered in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter. | 6.1 |
| 2019-02-18 | CVE-2019-8902 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms An issue was discovered in idreamsoft iCMS through 7.0.14. | 5.7 |
| 2018-07-10 | CVE-2018-13865 | Cross-site Scripting vulnerability in Idreamsoft Icms 7.0.9 An issue was discovered in idreamsoft iCMS 7.0.9. | 6.1 |