Icms Content Management Systems : Security Vulnerabilities, CVEs,
SQL injection vulnerability in RunScript.asp iCMS allows remote attackers to execute arbitrary SQL commands via the Event_ID parameter.
Max CVSS
7.5
EPSS Score
0.18%
Published
2005-12-20
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources.
Max CVSS
4.3
EPSS Score
0.23%
Published
2005-12-20
Updated
2008-09-05
PHP file inclusion vulnerability in index.php of iCMS allows remote attackers to include arbitrary files via the page parameter.
Max CVSS
5.0
EPSS Score
0.98%
Published
2005-11-16
Updated
2011-03-08
3 vulnerabilities found