VYPR
Vendor

Peacexie

Products
1
CVEs
11
Across products
11
Status
Private

Products

1

Recent CVEs

11
  • CVE-2021-35370CriFeb 24, 2023
    risk 0.64cvss 9.8epss 0.01

    An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the incomplete filtering function.

  • CVE-2018-20605CriDec 30, 2018
    risk 0.64cvss 9.8epss 0.02

    imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php file.

  • CVE-2018-20608HigDec 30, 2018
    risk 0.50cvss 7.5epss 0.12

    imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI.

  • CVE-2018-20606HigDec 30, 2018
    risk 0.49cvss 7.5epss 0.03

    imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI.

  • CVE-2020-23520HigDec 9, 2020
    risk 0.47cvss 7.2epss 0.02

    imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.

  • CVE-2021-35369MedFeb 24, 2023
    risk 0.42cvss 6.5epss 0.01

    Arbitrary File Read vulnerability found in Peacexie ImCat v.5.2 fixed in v.5.4 allows attackers to obtain sensitive information via the filtering_get_contents function.

  • CVE-2018-20611MedDec 30, 2018
    risk 0.40cvss 6.1epss 0.01

    imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI.

  • CVE-2019-8436MedFeb 18, 2019
    risk 0.35cvss 5.4epss 0.01

    imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter.

  • CVE-2018-20609MedDec 30, 2018
    risk 0.35cvss 5.3epss 0.03

    imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI.

  • CVE-2018-20607MedDec 30, 2018
    risk 0.35cvss 5.3epss 0.03

    imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI.

  • CVE-2018-20610MedDec 30, 2018
    risk 0.32cvss 4.9epss 0.02

    imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter.