Lunax0

**Name of the Vulnerable Software and Affected Versions** icecms versions 3.4.7 and earlier **Description** The issue is related to a File Upload vulnerability. It affects the `uploadFile` function in `FileUtils.java`. **Recommendations** For versions 3.4.7 and earlier, update to a version later than 3.4.7 to resolve the issue. As a temporary workaround, consider disabling the `uploadFile` function in `FileUtils.java` until a patch is available. Restrict access to the file upload feature to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IceCMS versions 3.4.7 and earlier **Description** The issue allows attackers to bypass authentication by entering arbitrary values as the `username` and `password` via the `loginAdmin` method in the `UserController.java` file. This enables unauthorized access. **Recommendations** For IceCMS versions 3.4.7 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IceCMS versions 3.4.7 and earlier **Description** An access control issue in the `CheckVip` function in `UserController.java` of IceCMS allows unauthenticated attackers to access and return all user information, including passwords. **Recommendations** For IceCMS versions 3.4.7 and earlier, as a temporary workaround, consider disabling the `CheckVip` function in `UserController.java` until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IceCMS versions 3.4.7 and earlier **Description** The issue allows attackers to arbitrarily modify users' information, including `username` and `password`, via a crafted POST request sent to the endpoint "/User/ChangeUser/s" in the `ChangeUser` function in `UserController.java`. **Recommendations** For IceCMS versions 3.4.7 and earlier, as a temporary workaround, consider disabling the `ChangeUser` function in `UserController.java` until a patch is available. Restrict access to the "/User/ChangeUser/s" endpoint to minimize the risk of exploitation. Avoid using the `username` and `password` variables in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** IceCMS versions 3.4.7 and earlier **Description** The issue allows an attacker to forge JWT authentication information due to a hardcoded JWT key. **Recommendations** For IceCMS versions 3.4.7 and earlier, update to a version that does not contain the hardcoded JWT key to prevent attackers from forging JWT authentication information. As a temporary workaround, consider regenerating and updating the JWT key to a secure, non-hardcoded value until a patched version is available.