Vendor Products CVEs KEV Avg EPSS Worst Severity 1 6 0 27.6% HIGH
CVE ID Description Severity CVSS KEV EPSS Published CVE-2024-41375 ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/terminal-xhr.php MEDIUM 6.1 — 23.7% Jul 26, 2024 CVE-2024-41374 ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php MEDIUM 6.1 — 23.7% Jul 26, 2024 CVE-2024-41373 ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php. MEDIUM 6.3 — 35.3% Jul 26, 2024 CVE-2022-34026 ICEcoder v8.1 allows attackers to execute a directory traversal. HIGH 7.5 — — Sep 22, 2022 CVE-2021-3862 icecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') MEDIUM 4.8 — — Jan 17, 2022 CVE-2021-32106 In ICEcoder 8.0 allows, a reflected XSS vulnerability was identified in the multipe-results.php page due to insufficient sanitization of the _GET['replace'] variable. As a result, arbitrary Javascript code can get executed. MEDIUM 5.4 — — Jun 8, 2021