VulnerableCode Package Details - pkg:composer/icecoder/icecoder@8.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-76uc-xd9r-f3gz Aliases: CVE-2024-41373 GHSA-x38c-v778-w56m	ICEcoder Path Traversal vulnerability ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php.	There are no reported fixed by versions.
VCID-7dkz-eu2g-gyhe Aliases: CVE-2024-41374 GHSA-xcr9-pm5w-gvh2	ICEcoder vulnerable to Cross Site Scripting ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php	There are no reported fixed by versions.
VCID-bvd2-qk4w-bkda Aliases: CVE-2022-34026 GHSA-fvf5-xp83-vrqp	ICEcoder vulnerable to Path Traversal ICEcoder v8.1 allows attackers to execute a directory traversal.	There are no reported fixed by versions.
VCID-dk9u-m4au-3kgq Aliases: CVE-2024-41375 GHSA-5j47-3m62-7vr3	ICEcoder vulnerable to Cross Site Scripting ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/terminal-xhr.php	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-76uc-xd9r-f3gz
Aliases:
CVE-2024-41373
GHSA-x38c-v778-w56m

ICEcoder Path Traversal vulnerability ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php.

There are no reported fixed by versions.

VCID-7dkz-eu2g-gyhe
Aliases:
CVE-2024-41374
GHSA-xcr9-pm5w-gvh2

ICEcoder vulnerable to Cross Site Scripting ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php

There are no reported fixed by versions.

VCID-bvd2-qk4w-bkda
Aliases:
CVE-2022-34026
GHSA-fvf5-xp83-vrqp

ICEcoder vulnerable to Path Traversal ICEcoder v8.1 allows attackers to execute a directory traversal.

There are no reported fixed by versions.

VCID-dk9u-m4au-3kgq
Aliases:
CVE-2024-41375
GHSA-5j47-3m62-7vr3

ICEcoder vulnerable to Cross Site Scripting ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/terminal-xhr.php

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
VCID-z19c-88s1-s7bt	icecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	CVE-2021-3862 GHSA-73q9-7pwj-gm46

Vulnerability

Summary

Aliases

VCID-z19c-88s1-s7bt

icecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2021-3862
GHSA-73q9-7pwj-gm46

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T05:15:16.208255+00:00	GitLab Importer	Affected by	VCID-dk9u-m4au-3kgq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/icecoder/icecoder/CVE-2024-41375.yml	38.6.0
2026-06-06T05:15:15.430398+00:00	GitLab Importer	Affected by	VCID-76uc-xd9r-f3gz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/icecoder/icecoder/CVE-2024-41373.yml	38.6.0
2026-06-06T05:15:14.786561+00:00	GitLab Importer	Affected by	VCID-7dkz-eu2g-gyhe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/icecoder/icecoder/CVE-2024-41374.yml	38.6.0
2026-06-06T02:58:33.381476+00:00	GitLab Importer	Affected by	VCID-bvd2-qk4w-bkda	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/icecoder/icecoder/CVE-2022-34026.yml	38.6.0
2026-06-06T01:18:07.649460+00:00	GitLab Importer	Fixing	VCID-z19c-88s1-s7bt	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/icecoder/icecoder/CVE-2021-3862.yml	38.6.0