Vulnerabilities > Idreamsoft

DATE CVE VULNERABILITY TITLE RISK
2019-01-30 CVE-2019-7235 Path Traversal vulnerability in Idreamsoft Icms 7.0.13
An issue was discovered in idreamsoft iCMS 7.0.13.
network
low complexity
idreamsoft CWE-22
7.5
2019-01-30 CVE-2019-7234 Path Traversal vulnerability in Idreamsoft Icms 7.0.13
An issue was discovered in idreamsoft iCMS 7.0.13.
network
low complexity
idreamsoft CWE-22
critical
9.1
2019-01-29 CVE-2019-7160 Path Traversal vulnerability in Idreamsoft Icms 7.0.13
idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir parameter to files.admincp.php, resulting in execution of arbitrary PHP code from a ZIP file via the admincp.php?app=apps zipfile parameter to apps.admincp.php.
network
low complexity
idreamsoft CWE-22
critical
9.8
2018-09-02 CVE-2018-16366 Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.10
An issue was discovered in idreamsoft iCMS V7.0.10.
network
low complexity
idreamsoft CWE-352
8.8
2018-09-02 CVE-2018-16365 Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.10
An issue was discovered in idreamsoft iCMS V7.0.10.
network
low complexity
idreamsoft CWE-352
8.8
2018-09-02 CVE-2018-16332 Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.9
An issue was discovered in iCMS 7.0.9.
network
low complexity
idreamsoft CWE-352
8.8
2018-09-01 CVE-2018-16320 Path Traversal vulnerability in Idreamsoft Icms 7.0.11
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.
network
low complexity
idreamsoft CWE-22
7.2
2018-07-10 CVE-2018-13865 Cross-site Scripting vulnerability in Idreamsoft Icms 7.0.9
An issue was discovered in idreamsoft iCMS 7.0.9.
network
low complexity
idreamsoft CWE-79
6.1