VYPR

Dreamer CMS

by iteachyou

CVEs (6)

  • CVE-2023-43382HigSep 25, 2023
    risk 0.57cvss 8.8epss 0.01

    Directory Traversal vulnerability in itechyou dreamer CMS v.4.1.3 allows a remote attacker to execute arbitrary code via the themePath in the uploaded template function.

  • CVE-2023-29774MedApr 18, 2023
    risk 0.35cvss 5.4epss 0.00

    Dreamer CMS 3.0.1 is vulnerable to stored Cross Site Scripting (XSS).

  • CVE-2025-3977MedApr 27, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/attachment/download of the component Attachment Handler. The manipulation of the argument ID leads…

  • CVE-2025-1543MedFeb 21, 2025
    risk 0.28cvss 4.3epss 0.01

    A vulnerability, which was classified as problematic, has been found in iteachyou Dreamer CMS 4.1.3. This issue affects some unknown processing of the file /resource/js/ueditor-1.4.3.3. The manipulation leads to path traversal. The attack may be initiated remotely. The exploit…

  • CVE-2025-1548LowFeb 21, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/archives/edit. The manipulation of the argument editorValue/answer/content leads to cross site scripting. The attack can be…

  • CVE-2025-10320LowSep 12, 2025
    risk 0.20cvss 3.1epss 0.00

    A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. This issue affects some unknown processing of the file /admin/user/updatePwd. Performing manipulation results in weak password requirements. Remote exploitation of the attack is possible. A high degree of…