Vulnerabilities > Thecosy > Icecms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-46610 | Unspecified vulnerability in Thecosy Icecms 1.0.0/2.0.1 An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java | 7.5 |
| 2023-12-13 | CVE-2023-6761 | Improper Access Control vulnerability in Thecosy Icecms 2.0.1 A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. | 8.8 |
| 2023-12-13 | CVE-2023-6759 | Unspecified vulnerability in Thecosy Icecms 2.0.1 A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. | 7.5 |
| 2023-05-25 | CVE-2023-33355 | Unspecified vulnerability in Thecosy Icecms 1.0.0 IceCMS v1.0.0 has Insecure Permissions. | 7.5 |