Skip to main content

Icecoder

5 CVEs product

Monthly

CVE-2024-41375 PHP MEDIUM POC This Month

ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/terminal-xhr.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Icecoder
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-41374 PHP MEDIUM POC This Month

ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Icecoder
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-41373 PHP MEDIUM POC This Month

ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Icecoder
NVD GitHub
CVSS 3.1
6.3
EPSS
0.4%
CVE-2022-34026 PHP HIGH POC This Week

ICEcoder v8.1 allows attackers to execute a directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Icecoder
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-32106 PHP MEDIUM POC PATCH This Month

In ICEcoder 8.0 allows, a reflected XSS vulnerability was identified in the multipe-results.php page due to insufficient sanitization of the _GET['replace'] variable. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Icecoder
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/terminal-xhr.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Icecoder
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC This Month

ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Icecoder
NVD GitHub
EPSS 0% CVSS 6.3
MEDIUM POC This Month

ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Icecoder
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

ICEcoder v8.1 allows attackers to execute a directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Icecoder
NVD GitHub VulDB
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

In ICEcoder 8.0 allows, a reflected XSS vulnerability was identified in the multipe-results.php page due to insufficient sanitization of the _GET['replace'] variable. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Icecoder
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy