Filtered by vendor Interinfo
Subscriptions
Filtered by product Dreammaker
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24728 | 1 Interinfo | 1 Dreammaker | 2026-01-30 | N/A |
| A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication. | ||||
| CVE-2026-24729 | 1 Interinfo | 1 Dreammaker | 2026-01-30 | N/A |
| An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file. | ||||
| CVE-2024-11978 | 1 Interinfo | 1 Dreammaker | 2024-12-03 | 7.5 High |
| DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. | ||||
| CVE-2024-11979 | 1 Interinfo | 1 Dreammaker | 2024-12-03 | 9.8 Critical |
| DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells. | ||||
Page 1 of 1.