Iteachyou

Dreamer Cms

38 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.1

CVE-2025-10320

  • EPSS 0.03%
  • Veröffentlicht 12.09.2025 16:15:33
  • Zuletzt bearbeitet 15.09.2025 15:21:42

A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. This issue affects some unknown processing of the file /admin/user/updatePwd. Performing manipulation results in weak password requirements. Remote exploitation of the attack is pos...

5.3

CVE-2025-3977

  • EPSS 0.14%
  • Veröffentlicht 27.04.2025 16:31:08
  • Zuletzt bearbeitet 12.05.2025 19:07:01

A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/attachment/download of the component Attachment Handler. The manipulati...

3.5

CVE-2025-1548

  • EPSS 0.09%
  • Veröffentlicht 21.02.2025 17:15:13
  • Zuletzt bearbeitet 21.02.2025 17:15:13

A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/archives/edit. The manipulation of the argument editorValue/answer/content leads to cross site s...

4.3

CVE-2025-1543

  • EPSS 0.33%
  • Veröffentlicht 21.02.2025 16:15:32
  • Zuletzt bearbeitet 21.02.2025 16:15:32

A vulnerability, which was classified as problematic, has been found in iteachyou Dreamer CMS 4.1.3. This issue affects some unknown processing of the file /resource/js/ueditor-1.4.3.3. The manipulation leads to path traversal. The attack may be init...

6.5

CVE-2024-25811

Exploit
  • EPSS 0.15%
  • Veröffentlicht 21.03.2024 02:52:15
  • Zuletzt bearbeitet 04.04.2025 15:12:45

An access control issue in Dreamer CMS v4.0.1 allows attackers to download backup files and leak sensitive information.

6.5

CVE-2024-2354

  • EPSS 0.06%
  • Veröffentlicht 10.03.2024 11:15:45
  • Zuletzt bearbeitet 26.02.2025 15:14:55

A vulnerability, which was classified as problematic, was found in Dreamer CMS 4.1.3. Affected is an unknown function of the file /admin/menu/toEdit. The manipulation of the argument id leads to cross-site request forgery. It is possible to launch th...

8.8

CVE-2023-7091

Exploit
  • EPSS 0.35%
  • Veröffentlicht 24.12.2023 21:15:25
  • Zuletzt bearbeitet 21.11.2024 08:45:13

A vulnerability was found in Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /upload/uploadFile. The manipulation of the argument file leads to unrestricted upload. The attack can be initiat...

8.8

CVE-2023-50017

Exploit
  • EPSS 0.17%
  • Veröffentlicht 14.12.2023 19:15:16
  • Zuletzt bearbeitet 21.11.2024 08:36:27

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup

5.4

CVE-2023-49484

Exploit
  • EPSS 0.08%
  • Veröffentlicht 08.12.2023 15:15:07
  • Zuletzt bearbeitet 21.11.2024 08:33:27

Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting (XSS) vulnerability in the article management department.

8.8

CVE-2023-48914

Exploit
  • EPSS 0.17%
  • Veröffentlicht 30.11.2023 14:15:11
  • Zuletzt bearbeitet 21.11.2024 08:32:37

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/add.