Vulnerabilities > Txjia > Imcat > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-24 CVE-2021-35369 Unspecified vulnerability in Txjia Imcat 5.2/5.3
Arbitrary File Read vulnerability found in Peacexie ImCat v.5.2 fixed in v.5.4 allows attackers to obtain sensitive information via the filtering_get_contents function.
network
low complexity
txjia
6.5
2020-12-09 CVE-2020-23520 Unrestricted Upload of File with Dangerous Type vulnerability in Txjia Imcat 5.2
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.
network
low complexity
txjia CWE-434
6.5
2018-12-30 CVE-2018-20611 Cross-site Scripting vulnerability in Txjia Imcat 4.4
imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI.
network
txjia CWE-79
4.3
2018-12-30 CVE-2018-20610 Path Traversal vulnerability in Txjia Imcat 4.4
imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter.
network
low complexity
txjia CWE-22
4.0
2018-12-30 CVE-2018-20609 Information Exposure vulnerability in Txjia Imcat 4.4
imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI.
network
low complexity
txjia CWE-200
5.0
2018-12-30 CVE-2018-20608 Information Exposure vulnerability in Txjia Imcat 4.4
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI.
network
low complexity
txjia CWE-200
5.0
2018-12-30 CVE-2018-20607 Information Exposure vulnerability in Txjia Imcat 4.4
imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI.
network
low complexity
txjia CWE-200
5.0
2018-12-30 CVE-2018-20606 Information Exposure vulnerability in Txjia Imcat 4.4
imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI.
network
low complexity
txjia CWE-200
5.0