Vulnerabilities > Iteachyou > Dreamer CMS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-04 | CVE-2024-3311 | Path Traversal vulnerability in Iteachyou Dreamer CMS A vulnerability was found in Dreamer CMS up to 4.1.3.0. | 8.8 |
| 2024-03-31 | CVE-2024-3118 | Unspecified vulnerability in Iteachyou Dreamer CMS A vulnerability, which was classified as critical, has been found in Dreamer CMS up to 4.1.3. | 8.8 |
| 2023-12-24 | CVE-2023-7091 | Unspecified vulnerability in Iteachyou Dreamer CMS 4.1.3 A vulnerability was found in Dreamer CMS 4.1.3. | 8.8 |
| 2023-12-14 | CVE-2023-50017 | Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup | 8.8 |
| 2023-11-30 | CVE-2023-48912 | Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/edit. | 8.8 |
| 2023-11-30 | CVE-2023-48913 | Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/delete. | 8.8 |
| 2023-11-30 | CVE-2023-48914 | Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/add. | 8.8 |
| 2023-11-29 | CVE-2023-46887 | Download of Code Without Integrity Check vulnerability in Iteachyou Dreamer CMS In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File Download vulnerability. | 7.5 |
| 2023-11-18 | CVE-2023-48017 | Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3 Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF) via Add permissions to CSRF in Permission Management. | 8.8 |
| 2023-11-14 | CVE-2023-48020 | Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/changeStatus. | 8.8 |