iteachyou

Top products

The 15 most recently published vulnerabilities affecting iteachyou.

• CVE-2025-10320iteachyou Dreamer CMS updatePwd weak password3.1Sep 12, 2025
• CVE-2025-3977iteachyou Dreamer CMS Attachment download improper authorization4.3Apr 27, 2025
• CVE-2025-1548iteachyou Dreamer CMS edit cross site scripting3.5Feb 21, 2025
• CVE-2025-1543iteachyou Dreamer CMS ueditor-1.4.3.3 path traversal4.3Feb 21, 2025
• CVE-2024-3311Dreamer CMS ThemesController.java ZipUtils.unZipFiles path traversal6.3Apr 4, 2024
• CVE-2024-3118Dreamer CMS Attachment permission6.3Mar 31, 2024
• CVE-2024-2354Dreamer CMS toEdit cross-site request forgery4.3Mar 10, 2024
• CVE-2024-25811An access control issue in Dreamer CMS v4.0.1 allows attackers to download backup files and leak sensitive information.6.5Feb 29, 2024
• CVE-2023-7091Dreamer CMS uploadFile unrestricted upload6.3Dec 24, 2023
• CVE-2023-50017Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup8.8Dec 14, 2023
• CVE-2023-49484Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting (XSS) vulnerability in the article management department.5.4Dec 8, 2023
• CVE-2023-48914Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/add.8.8Nov 30, 2023
• CVE-2023-48913Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/delete.8.8Nov 30, 2023
• CVE-2023-48912Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/edit.8.8Nov 30, 2023
• CVE-2023-46887In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File Download vulnerability.7.5Nov 29, 2023