) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:txjia:imcat:4.4:*:*:*:*:*:*:*
- CPE Name Search: true
There are 7 matching records.
Displaying matches 1 through 7.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2018-20611 |
imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI. Published: December 30, 2018; 4:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2018-20610 |
imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter. Published: December 30, 2018; 4:29:00 PM -0500 |
V4.0:(not available) V3.0: 4.9 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2018-20609 |
imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI. Published: December 30, 2018; 4:29:00 PM -0500 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
| CVE-2018-20608 |
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI. Published: December 30, 2018; 4:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2018-20607 |
imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI. Published: December 30, 2018; 4:29:00 PM -0500 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
| CVE-2018-20606 |
imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI. Published: December 30, 2018; 4:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2018-20605 |
imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php file. Published: December 30, 2018; 4:29:00 PM -0500 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |