Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ucms vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-24981
An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in information leak via an error message caused by directly accessing the website built by UCMS.
Ucms Project Ucms 1.4.8
5
CVSSv2
CVE-2021-25809
UCMS 1.5.0 exists to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.
Ucms Project Ucms 1.5.0
NA
CVE-2022-38297
UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning.
Ucms Project Ucms 1.6
NA
CVE-2022-38527
UCMS v1.6.0 exists to contain a cross-site scripting (XSS) vulnerability via the Import function under the Site Management page.
Ucms Project Ucms 1.6
6.5
CVSSv2
CVE-2022-28440
An arbitrary file upload vulnerability in UCMS v1.6 allows malicious users to execute arbitrary code via a crafted PHP file.
Ucms Project Ucms 1.6
6.4
CVSSv2
CVE-2022-28443
UCMS v1.6 exists to contain an arbitrary file deletion vulnerability.
Ucms Project Ucms 1.6
5
CVSSv2
CVE-2022-28444
UCMS v1.6 exists to contain an arbitrary file read vulnerability.
Ucms Project Ucms 1.6
3.5
CVSSv2
CVE-2020-20781
A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields.
Ucms Project Ucms 1.4.7
3.5
CVSSv2
CVE-2018-20597
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action.
Ucms Project Ucms 1.4.7
NA
CVE-2022-35426
UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file.
Ucms Project Ucms 1.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »