Thecosy

Icecms

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-6759

Exploit
  • EPSS 0.18%
  • Veröffentlicht 13.12.2023 15:15:08
  • Zuletzt bearbeitet 21.11.2024 08:44:29

A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads to improper enforcement of a single, unique action....

4.3

CVE-2023-6758

Exploit
  • EPSS 0.12%
  • Veröffentlicht 13.12.2023 15:15:08
  • Zuletzt bearbeitet 21.11.2024 08:44:29

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /adplanet/PlanetCommentList of the component API. The manipulation leads to improper access controls. T...

6.5

CVE-2023-6757

Exploit
  • EPSS 0.26%
  • Veröffentlicht 13.12.2023 14:15:47
  • Zuletzt bearbeitet 21.11.2024 08:44:29

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /adplanet/PlanetUser of the component API. The manipulation leads to information disclosure...

9.8

CVE-2023-6756

Exploit
  • EPSS 0.28%
  • Veröffentlicht 13.12.2023 14:15:47
  • Zuletzt bearbeitet 21.11.2024 08:44:29

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been classified as problematic. Affected is an unknown function of the file /login of the component Captcha Handler. The manipulation leads to improper restriction of excessive authentication ...

3.7

CVE-2023-6467

Exploit
  • EPSS 0.09%
  • Veröffentlicht 02.12.2023 14:15:07
  • Zuletzt bearbeitet 21.11.2024 08:43:55

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforce...

6.1

CVE-2023-6466

Exploit
  • EPSS 0.08%
  • Veröffentlicht 02.12.2023 14:15:07
  • Zuletzt bearbeitet 21.11.2024 08:43:55

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can ...

5.3

CVE-2023-6438

Exploit
  • EPSS 0.11%
  • Veröffentlicht 30.11.2023 17:15:13
  • Zuletzt bearbeitet 21.11.2024 08:43:51

A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /WebArticle/articles/ of the component Like Handler. The manipulation leads to improper enforcement of a single, unique acti...

9.8

CVE-2023-40833

  • EPSS 0.44%
  • Veröffentlicht 12.10.2023 06:15:14
  • Zuletzt bearbeitet 21.11.2024 08:20:11

An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker to gain privileges via the Id and key parameters in getCosSetting.

5.4

CVE-2023-33356

Exploit
  • EPSS 0.1%
  • Veröffentlicht 25.05.2023 14:15:11
  • Zuletzt bearbeitet 21.11.2024 08:05:27

IceCMS v1.0.0 is vulnerable to Cross Site Scripting (XSS).

7.5

CVE-2023-33355

Exploit
  • EPSS 0.09%
  • Veröffentlicht 25.05.2023 14:15:10
  • Zuletzt bearbeitet 16.01.2025 15:15:12

IceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to the API, resulting in the disclosure of sensitive information.