Vulnerabilities > Instantcms

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-4654 Unspecified vulnerability in Instantcms
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1.
network
low complexity
instantcms
3.5
2023-08-31 CVE-2023-4655 Unspecified vulnerability in Instantcms
Cross-site Scripting (XSS) - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1.
network
low complexity
instantcms
6.1
2023-08-16 CVE-2023-4381 Unspecified vulnerability in Instantcms
Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
network
low complexity
instantcms
4.3
2023-08-05 CVE-2023-4188 Unspecified vulnerability in Instantcms
SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
network
low complexity
instantcms
critical
9.1
2023-08-05 CVE-2023-4189 Cross-site Scripting vulnerability in Instantcms
Cross-site Scripting (XSS) - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
network
low complexity
instantcms CWE-79
4.8
2023-08-05 CVE-2023-4187 Unspecified vulnerability in Instantcms
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
network
low complexity
instantcms
4.8
2018-07-18 CVE-2018-14382 Cross-site Scripting vulnerability in Instantcms 2.10.1
InstantCMS 2.10.1 has /redirect?url= XSS.
network
low complexity
instantcms CWE-79
6.1