Known Vulnerabilities for products from Dreamer Cms Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Dreamer Cms Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-48063 json | 4.3 - MEDIUM | 2023-11-13 | 2023-11-16 | |
| CVE-2023-48060 json | 8.8 - HIGH | 2023-11-13 | 2023-11-16 | |
| CVE-2023-48058 json | 8.8 - HIGH | 2023-11-13 | 2023-11-16 | |
| CVE-2023-46887 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-29 | 2023-12-05 |
| CVE-2023-46886 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.1 - CRITICAL | 2023-11-29 | 2023-12-05 |
| CVE-2023-45907 json | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/delete. | 8.8 - HIGH | 2023-10-17 | 2023-10-18 |
| CVE-2023-45906 json | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/user/add. | 8.8 - HIGH | 2023-10-17 | 2023-10-18 |
| CVE-2023-45905 json | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/add. | 8.8 - HIGH | 2023-10-17 | 2023-10-18 |
| CVE-2023-45904 json | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /variable/update. | 8.8 - HIGH | 2023-10-17 | 2023-10-18 |
| CVE-2023-45903 json | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/label/delete. | 8.8 - HIGH | 2023-10-17 | 2023-10-18 |
| CVE-2023-45902 json | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/attachment/delete. | 8.8 - HIGH | 2023-10-17 | 2023-10-18 |
| CVE-2023-45901 json | Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin\/category\/add. | 8.8 - HIGH | 2023-10-17 | 2023-10-18 |
| CVE-2023-43857 json | Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toI... | 5.4 - MEDIUM | 2023-09-27 | 2023-09-29 |
| CVE-2023-43856 json | Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController... | 7.5 - HIGH | 2023-09-27 | 2023-09-28 |
| CVE-2023-27084 json | Permissions vulnerability found in isoftforce Dreamer CMS v.4.0.1 allows local attackers to obtain sensitive information via ... | 5.3 - MEDIUM | 2023-03-16 | 2023-03-22 |
| CVE-2023-4743 json | A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function ... | 4.8 - MEDIUM | 2023-09-03 | 2023-11-07 |
| CVE-2023-2473 json | A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the fun... | 7.5 - HIGH | 2023-05-02 | 2023-11-07 |
| CVE-2023-1746 json | A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0. Affected is an unknown function o... | 5.4 - MEDIUM | 2023-03-30 | 2023-11-07 |
| CVE-2023-0513 json | A vulnerability has been found in isoftforce Dreamer CMS up to 4.0.1 and classified as problematic. This vulnerability affect... | 5.4 - MEDIUM | 2023-01-26 | 2023-11-07 |
| CVE-2022-42245 json | Dreamer CMS 4.0.01 is vulnerable to SQL Injection. | 9.8 - CRITICAL | 2022-11-17 | 2023-04-24 |