Vulnerabilities > Thecosy > Icecms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-46610 | Unspecified vulnerability in Thecosy Icecms 1.0.0/2.0.1 An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java | 7.5 |
| 2023-12-13 | CVE-2023-6760 | Manage User Sessions vulnerability in Thecosy Icecms 2.0.1 A vulnerability classified as critical was found in Thecosy IceCMS up to 2.0.1. | 5.4 |
| 2023-12-13 | CVE-2023-6761 | Improper Access Control vulnerability in Thecosy Icecms 2.0.1 A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. | 8.8 |
| 2023-12-13 | CVE-2023-6762 | Permission Issues vulnerability in Thecosy Icecms 2.0.1 A vulnerability, which was classified as critical, was found in Thecosy IceCMS 2.0.1. | 4.3 |
| 2023-12-13 | CVE-2023-6758 | Improper Access Control vulnerability in Thecosy Icecms 2.0.1 A vulnerability was found in Thecosy IceCMS 2.0.1. | 4.3 |
| 2023-12-13 | CVE-2023-6759 | Unspecified vulnerability in Thecosy Icecms 2.0.1 A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. | 7.5 |
| 2023-12-13 | CVE-2023-6756 | Improper Restriction of Excessive Authentication Attempts vulnerability in Thecosy Icecms 2.0.1 A vulnerability was found in Thecosy IceCMS 2.0.1. | 9.8 |
| 2023-12-13 | CVE-2023-6757 | Unspecified vulnerability in Thecosy Icecms 2.0.1 A vulnerability was found in Thecosy IceCMS 2.0.1. | 6.5 |
| 2023-12-02 | CVE-2023-6466 | Cross-site Scripting vulnerability in Thecosy Icecms 2.0.1 A vulnerability was found in Thecosy IceCMS 2.0.1. | 6.1 |
| 2023-12-02 | CVE-2023-6467 | Unspecified vulnerability in Thecosy Icecms 2.0.1 A vulnerability was found in Thecosy IceCMS 2.0.1. | 3.7 |