Product
thecosy icecms
22 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-22984
CVE-2025-22983
CVE-2024-48202
CVE-2024-46612
CVE-2024-46610
CVE-2024-46609
CVE-2024-46607
CVE-2023-6762
CVE-2023-6761
CVE-2023-6760
CVE-2023-6759
CVE-2023-6758
CVE-2023-6757
CVE-2023-6756
CVE-2023-6467
CVE-2023-6466
CVE-2023-6438
CVE-2023-42188
CVE-2023-40833
CVE-2023-36100
CVE-2023-33356
CVE-2023-33355
all versions
An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to
all versions
An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access s
<= 3.4.7
icecms <=3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile.
< 3.4.7
IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication informati
<= 3.4.7
An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username
<= 3.4.7
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attacke
<= 3.4.7
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the user
all versions
A vulnerability, which was classified as critical, was found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file
all versions
A vulnerability, which was classified as problematic, has been found in Thecosy IceCMS up to 2.0.1. This issue affects some unknow
all versions
A vulnerability classified as critical was found in Thecosy IceCMS up to 2.0.1. This vulnerability affects unknown code. The manip
all versions
A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an unknown part of the file /WebRes
all versions
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as critical. Affected by this issue is some unknown functiona
all versions
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unkno
all versions
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been classified as problematic. Affected is an unknown function of the f
all versions
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of
all versions
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of
all versions
A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /Web
all versions
IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF).
all versions
An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker to gain privileges via the Id and key parameters in getCosSetting.
all versions
An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID
all versions
IceCMS v1.0.0 is vulnerable to Cross Site Scripting (XSS).
all versions
IceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to the API, resulting in the disclosure of sensitive informat