Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dreamer_cms
(Dreamer_cms_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 22 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-10-17 | CVE-2023-45901 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin\/category\/add. | Dreamer_cms | 8.8 | ||
| 2023-10-17 | CVE-2023-45902 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/attachment/delete. | Dreamer_cms | 8.8 | ||
| 2023-10-17 | CVE-2023-45903 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/label/delete. | Dreamer_cms | 8.8 | ||
| 2023-10-17 | CVE-2023-45904 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /variable/update. | Dreamer_cms | 8.8 | ||
| 2023-10-17 | CVE-2023-45905 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/add. | Dreamer_cms | 8.8 | ||
| 2023-10-17 | CVE-2023-45906 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/user/add. | Dreamer_cms | 8.8 | ||
| 2023-10-17 | CVE-2023-45907 | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/delete. | Dreamer_cms | 8.8 | ||
| 2023-09-27 | CVE-2023-43857 | Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toIndex. | Dreamer_cms | 5.4 | ||
| 2023-09-27 | CVE-2023-43856 | Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java. | Dreamer_cms | 7.5 | ||
| 2022-11-17 | CVE-2022-42245 | Dreamer CMS 4.0.01 is vulnerable to SQL Injection. | Dreamer_cms | 9.8 |