Acc

acc

10 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Dm Corporative Cms

dm_corporative_cms

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-40662 1Acc 1Dm Corporative Cms Oct 22, 2025 Jun 10, 2025 6.9 MEDIUM· v4 7.5 HIGH· v3 N/A· v2 Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an attacker to view the contents of webroot/file, if navigating to a non-existent file.
CVE-2025-40661 1Acc 1Dm Corporative Cms Oct 22, 2025 Jun 10, 2025 6.9 MEDIUM· v4 7.5 HIGH· v3 N/A· v2 An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administ...Show more An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp.Show less
CVE-2025-40660 1Acc 1Dm Corporative Cms Oct 22, 2025 Jun 10, 2025 6.9 MEDIUM· v4 7.5 HIGH· v3 N/A· v2 An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administ...Show more An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0.Show less
CVE-2025-40659 1Acc 1Dm Corporative Cms Oct 22, 2025 Jun 10, 2025 6.9 MEDIUM· v4 7.5 HIGH· v3 N/A· v2 An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administ...Show more An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp.Show less
CVE-2025-40658 1Acc 1Dm Corporative Cms Oct 22, 2025 Jun 10, 2025 6.9 MEDIUM· v4 7.5 HIGH· v3 N/A· v2 An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administ...Show more An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp.Show less
CVE-2025-40657 1Acc 1Dm Corporative Cms Oct 22, 2025 Jun 10, 2025 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codform parameter in /modules/forms/collectform.asp.
CVE-2025-40656 1Acc 1Dm Corporative Cms Oct 23, 2025 Jun 10, 2025 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the cod parameter in /administer/node-selection/data.asp.
CVE-2025-40655 1Acc 1Dm Corporative Cms Oct 23, 2025 Jun 10, 2025 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name parameter in /antcatalogue.asp.
CVE-2025-40654 1Acc 1Dm Corporative Cms Oct 23, 2025 Jun 10, 2025 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name and cod parameters in /antbuspre.asp.
CVE-1999-0383 1Acc 1Tigris Apr 16, 2026 Feb 2, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 ACC Tigris allows public access without a login.