Show filters
13 Total Results
Displaying 1-10 of 13
Sort by:
Attacker Value
Unknown
CVE-2025-1548
Disclosure Date: February 21, 2025 (last updated February 23, 2025)
A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/archives/edit. The manipulation of the argument editorValue/answer/content leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2025-1543
Disclosure Date: February 21, 2025 (last updated February 23, 2025)
A vulnerability, which was classified as problematic, has been found in iteachyou Dreamer CMS 4.1.3. This issue affects some unknown processing of the file /resource/js/ueditor-1.4.3.3. The manipulation leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2023-7091
Disclosure Date: December 24, 2023 (last updated December 30, 2023)
A vulnerability was found in Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /upload/uploadFile. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248938 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2023-50017
Disclosure Date: December 14, 2023 (last updated December 19, 2023)
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup
0
Attacker Value
Unknown
CVE-2023-49484
Disclosure Date: December 08, 2023 (last updated December 12, 2023)
Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting (XSS) vulnerability in the article management department.
0
Attacker Value
Unknown
CVE-2023-48914
Disclosure Date: November 30, 2023 (last updated December 06, 2023)
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/add.
0
Attacker Value
Unknown
CVE-2023-48913
Disclosure Date: November 30, 2023 (last updated December 06, 2023)
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/delete.
0
Attacker Value
Unknown
CVE-2023-48912
Disclosure Date: November 30, 2023 (last updated December 06, 2023)
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/edit.
0
Attacker Value
Unknown
CVE-2023-48021
Disclosure Date: November 14, 2023 (last updated November 18, 2023)
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/update.
0
Attacker Value
Unknown
CVE-2023-48020
Disclosure Date: November 14, 2023 (last updated November 18, 2023)
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/changeStatus.
0
