CVE-2023-6759
MEDIUM
5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: none
MEDIUM
5,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: partial
Availability: none
Description
AI Translation Available
A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247887.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0018
Percentile
0,4th
Updated
EPSS Score Trend (Last 90 Days)
837
Improper Enforcement of a Single, Unique Action
IncompleteCommon Consequences
Security Scopes Affected:
Other
Potential Impacts:
Varies By Context
Applicable Platforms
Technologies:
Not Technology-Specific, Web Based, Web Server
Application
Icecms by Thecosy
CPE Identifier
View Detailed Analysis
cpe:2.3:a:thecosy:icecms:2.0.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
http://39.106.130.187/Icecms.html
https://vuldb.com/?ctiid.247887
https://vuldb.com/?id.247887
http://39.106.130.187/Icecms.html
https://vuldb.com/?ctiid.247887
https://vuldb.com/?id.247887