An issue was discovered in idreamsoft iCMS 7.0.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
Path Traversal
Icms
NVD
GitHub
CVSS 3.0
9.1
EPSS
2.2%