Vulnerabilities > Iteachyou > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-16 CVE-2023-27084 Incorrect Permission Assignment for Critical Resource vulnerability in Iteachyou Dreamer CMS 4.0.1
Permissions vulnerability found in isoftforce Dreamer CMS v.4.0.1 allows local attackers to obtain sensitive information via the AttachmentController parameter.
local
high complexity
iteachyou CWE-732
5.3
5.3
2023-01-26 CVE-2023-0513 Cross-site Scripting vulnerability in Iteachyou Dreamer CMS
A vulnerability has been found in isoftforce Dreamer CMS up to 4.0.1 and classified as problematic.
network
low complexity
iteachyou CWE-79
5.4
5.4