Browse all 4 CVE security advisories affecting Imaster. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Imaster is a web application primarily used for website management and content management systems. Historically, it has been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from improper input validation and insecure authentication mechanisms. The application has also exhibited privilege escalation flaws, allowing unauthorized users to access administrative functions. With four CVEs recorded, Imaster's security posture has been inconsistent, with some instances allowing complete system compromise. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests a need for rigorous security testing and input sanitization to prevent potential breaches.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-41006 | Multiple vulnerabilities in Imaster products Open configuration options — MEMS Events CRMCWE-89 | 9.8AI | CriticalAI | 2026-01-12 |
| CVE-2025-41005 | Multiple vulnerabilities in Imaster products Open configuration options — MEMS Events CRMCWE-89 | 9.8AI | CriticalAI | 2026-01-12 |
| CVE-2025-41004 | Multiple vulnerabilities in Imaster products Open configuration options — Patient Record Management SystemCWE-89 | 9.8AI | CriticalAI | 2026-01-12 |
| CVE-2025-41003 | Multiple vulnerabilities in Imaster products Open configuration options — Patient Record Management SystemCWE-79 | 5.4AI | MediumAI | 2026-01-12 |
This page lists every published CVE security advisory associated with Imaster. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.