Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Icecms
(Thecosy)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-12-13 | CVE-2023-6762 | A vulnerability, which was classified as critical, was found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /article/DelectArticleById/ of the component Article Handler. The manipulation leads to permission issues. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-247890 is the identifier assigned to this vulnerability. | Icecms | 4.3 | ||
| 2023-05-25 | CVE-2023-33355 | IceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to the API, resulting in the disclosure of sensitive information. | Icecms | 7.5 | ||
| 2023-05-25 | CVE-2023-33356 | IceCMS v1.0.0 is vulnerable to Cross Site Scripting (XSS). | Icecms | 5.4 | ||
| 2023-10-12 | CVE-2023-40833 | An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker to gain privileges via the Id and key parameters in getCosSetting. | Icecms | 9.8 |