CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6757 – Thecosy IceCMS API PlanetUser information disclosure
https://notcve.org/view.php?id=CVE-2023-6757
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /adplanet/PlanetUser of the component API. The manipulation leads to information disclosure. The attack can be launched remotely. • http://124.71.147.32:8082/IceCMS3.html https://vuldb.com/?ctiid.247885 https://vuldb.com/?id.247885 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6756 – Thecosy IceCMS Captcha login excessive authentication
https://notcve.org/view.php?id=CVE-2023-6756
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been classified as problematic. Affected is an unknown function of the file /login of the component Captcha Handler. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack remotely. • http://124.71.147.32:8082/IceCMS2.html https://vuldb.com/?ctiid.247884 https://vuldb.com/?id.247884 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6467 – Thecosy IceCMS Comment Like improper enforcement of a single, unique action
https://notcve.org/view.php?id=CVE-2023-6467
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may be initiated remotely. • http://39.106.130.187/wenjian/2.html https://vuldb.com/?ctiid.246617 https://vuldb.com/?id.246617 • CWE-837: Improper Enforcement of a Single, Unique Action •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6466 – Thecosy IceCMS User Comment planet cross site scripting
https://notcve.org/view.php?id=CVE-2023-6466
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. • http://39.106.130.187 https://vuldb.com/?ctiid.246616 https://vuldb.com/?id.246616 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6438 – Thecosy IceCMS Like improper enforcement of a single, unique action
https://notcve.org/view.php?id=CVE-2023-6438
A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /WebArticle/articles/ of the component Like Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • http://124.71.147.32:8082 https://vuldb.com/?ctiid.246438 https://vuldb.com/?id.246438 • CWE-837: Improper Enforcement of a Single, Unique Action •