Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ucms project vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-16804
An issue exists in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request.
Ucms Project Ucms 1.4.6
7.5
CVSSv2
CVE-2020-25483
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
Ucms Project Ucms 1.4.8
10
CVSSv2
CVE-2020-25537
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.
Ucms Project Ucms 1.5.0
3.5
CVSSv2
CVE-2018-20597
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action.
Ucms Project Ucms 1.4.7
6.8
CVSSv2
CVE-2018-20598
UCMS 1.4.7 has ?do=user_addpost CSRF.
Ucms Project Ucms 1.4.7
4.3
CVSSv2
CVE-2018-20600
sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit action.
Ucms Project Ucms 1.4.7
3.5
CVSSv2
CVE-2018-20601
UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action.
Ucms Project Ucms 1.4.7
5
CVSSv2
CVE-2021-25809
UCMS 1.5.0 exists to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.
Ucms Project Ucms 1.5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3