Vulnerabilities > Txjia > Imcat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-03 | CVE-2021-36443 | Cross-Site Request Forgery (CSRF) vulnerability in Txjia Imcat 5.4 Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token verification. | 8.8 |
| 2023-02-03 | CVE-2021-36444 | Cross-Site Request Forgery (CSRF) vulnerability in Txjia Imcat 5.4 Cross Site Request Forgery (CSRF) vulnerability in imcat 5.4 allows remote attackers to gain escalated privileges via flaws one time token generation on the add administrator page. | 8.8 |
| 2021-08-18 | CVE-2020-22120 | Code Injection vulnerability in Txjia Imcat 5.1 A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attackers to execute arbitrary code. | 8.8 |
| 2020-12-09 | CVE-2020-23520 | Unrestricted Upload of File with Dangerous Type vulnerability in Txjia Imcat 5.2 imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality. | 7.2 |
| 2018-12-30 | CVE-2018-20608 | Information Exposure vulnerability in Txjia Imcat 4.4 imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI. | 7.5 |
| 2018-12-30 | CVE-2018-20606 | Information Exposure vulnerability in Txjia Imcat 4.4 imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI. | 7.5 |