Home/Product/txjia imcat
Product

txjia imcat

16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2021-35370
all versions
An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the incomplete filtering function.
9.8CRITICAL
 CVE-2021-35369
all versions
Arbitrary File Read vulnerability found in Peacexie ImCat v.5.2 fixed in v.5.4 allows attackers to obtain sensitive information vi
6.5MEDIUM
 CVE-2021-36444
all versions
Cross Site Request Forgery (CSRF) vulnerability in imcat 5.4 allows remote attackers to gain escalated privileges via flaws one ti
8.8HIGH
 CVE-2021-36443
all versions
Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token verification
8.8HIGH
 CVE-2020-22120
all versions
A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attacker
8.8HIGH
 CVE-2020-20392
all versions
SQL Injection vulnerability in imcat v5.2 via the fm[auser] parameters in coms/add_coms.php.
9.8CRITICAL
 CVE-2020-23520
all versions
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.
7.2HIGH
 CVE-2019-14968
all versions
An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action.
9.8CRITICAL
 CVE-2019-8436
all versions
imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter.
5.4MEDIUM
 CVE-2018-20611
all versions
imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI.
6.1MEDIUM
 CVE-2018-20610
all versions
imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter.
4.9MEDIUM
 CVE-2018-20609
all versions
imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI
5.3MEDIUM
 CVE-2018-20608
all versions
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI.
7.5HIGH
 CVE-2018-20607
all versions
imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI.
5.3MEDIUM
 CVE-2018-20606
all versions
imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI.
7.5HIGH
 CVE-2018-20605
all versions
imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php file.
9.8CRITICAL
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh