CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Icms Content Management Systems: Security Vulnerabilities

CVE-2005-4396

Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources.

CVSS Score

4.3

EPSS Score

0.003

Published

2005-12-20

CVE-2005-4397

SQL injection vulnerability in RunScript.asp iCMS allows remote attackers to execute arbitrary SQL commands via the Event_ID parameter.

CVSS Score

7.5

EPSS Score

0.004

Published

2005-12-20

CVE-2005-3574

PHP file inclusion vulnerability in index.php of iCMS allows remote attackers to include arbitrary files via the page parameter.

CVSS Score

5.0

EPSS Score

0.005

Published

2005-11-16

Page 1

Vulnerabilities

Vulnerable Software

Icms Content Management Systems: Security Vulnerabilities

Products

Pricing

Contact Us