Vulnerabilities (CVE)

Filtered by vendor Acc Subscribe

Filtered by product Dm Corporative Cms

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2025-40657	1 Acc	1 Dm Corporative Cms	2025-10-22	N/A	9.8 CRITICAL
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codform parameter in /modules/forms/collectform.asp.
CVE-2025-40658	1 Acc	1 Dm Corporative Cms	2025-10-22	N/A	7.5 HIGH
An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp.
CVE-2025-40659	1 Acc	1 Dm Corporative Cms	2025-10-22	N/A	7.5 HIGH
An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp.
CVE-2025-40660	1 Acc	1 Dm Corporative Cms	2025-10-22	N/A	7.5 HIGH
An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0.
CVE-2025-40661	1 Acc	1 Dm Corporative Cms	2025-10-22	N/A	7.5 HIGH
An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp.
CVE-2025-40662	1 Acc	1 Dm Corporative Cms	2025-10-22	N/A	7.5 HIGH
Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an attacker to view the contents of webroot/file, if navigating to a non-existent file.