CVE-2023-45904
https://notcve.org/view.php?id=CVE-2023-45904
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /variable/update. Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /variable/update. • https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20the%20variable%20management%20modification%20function.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-45905
https://notcve.org/view.php?id=CVE-2023-45905
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/add. Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/variable/add. • https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20variable%20management%20with%20added%20functionality.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-45906
https://notcve.org/view.php?id=CVE-2023-45906
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/user/add. Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/user/add. • https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20in%20the%20user%20added%20function.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-45907
https://notcve.org/view.php?id=CVE-2023-45907
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/variable/delete. Se descubrió que Dreamer CMS v4.1.3 contenía Cross-Site Request Forgery (CSRF) a través del componente /admin/variable/delete. • https://github.com/moonsabc123/dreamer_cms/blob/main/There%20is%20a%20csrf%20vulnerability%20in%20the%20variable%20management%20deletion%20function.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-43857
https://notcve.org/view.php?id=CVE-2023-43857
Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toIndex. Se descubrió que Dreamer CMS v4.1.3 contiene una vulnerabilidad de Cross-Site Scripting (XSS) almacenadas a través del componente /admin/u/toIndex. • https://gitee.com/iteachyou/dreamer_cms/issues/I834WV • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •