Vulnerabilities > Idreamsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-30 | CVE-2019-7235 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 An issue was discovered in idreamsoft iCMS 7.0.13. | 7.5 |
2019-01-30 | CVE-2019-7234 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 An issue was discovered in idreamsoft iCMS 7.0.13. | 9.1 |
2019-01-29 | CVE-2019-7160 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir parameter to files.admincp.php, resulting in execution of arbitrary PHP code from a ZIP file via the admincp.php?app=apps zipfile parameter to apps.admincp.php. | 9.8 |
2018-09-02 | CVE-2018-16366 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.10 An issue was discovered in idreamsoft iCMS V7.0.10. | 8.8 |
2018-09-02 | CVE-2018-16365 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.10 An issue was discovered in idreamsoft iCMS V7.0.10. | 8.8 |
2018-09-02 | CVE-2018-16332 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.9 An issue was discovered in iCMS 7.0.9. | 8.8 |
2018-09-01 | CVE-2018-16320 | Path Traversal vulnerability in Idreamsoft Icms 7.0.11 idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file. | 7.2 |
2018-07-10 | CVE-2018-13865 | Cross-site Scripting vulnerability in Idreamsoft Icms 7.0.9 An issue was discovered in idreamsoft iCMS 7.0.9. | 6.1 |