Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ucms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38297
UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning.
Ucms Project Ucms 1.6
NA
CVE-2022-42234
There is a file inclusion vulnerability in the template management module in UCMS 1.6
Ucms Project Ucms 1.6
NA
CVE-2023-1303
A vulnerability was found in UCMS 1.6 and classified as critical. This issue affects some unknown processing of the file sadmin/fileedit.php of the component System File Management Module. The manipulation of the argument file leads to unrestricted upload. The attack may be initi...
Ucms Project Ucms 1.6
5
CVSSv2
CVE-2020-24981
An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in information leak via an error message caused by directly accessing the website built by UCMS.
Ucms Project Ucms 1.4.8
10
CVSSv2
CVE-2020-25537
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.
Ucms Project Ucms 1.5.0
NA
CVE-2023-5015
A vulnerability was found in UCMS 1.4.7. It has been classified as problematic. Affected is an unknown function of the file ajax.php?do=strarraylist. The manipulation of the argument strdefault leads to cross site scripting. It is possible to launch the attack remotely. The explo...
Ucms Project Ucms 1.4.7
4.3
CVSSv2
CVE-2018-16804
An issue exists in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request.
Ucms Project Ucms 1.4.6
4.3
CVSSv2
CVE-2018-17034
UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter.
Ucms Project Ucms 1.4.6
7.5
CVSSv2
CVE-2018-17035
UCMS 1.4.6 has SQL injection during installation via the install/index.php mysql_dbname parameter.
Ucms Project Ucms 1.4.6
6.5
CVSSv2
CVE-2022-28440
An arbitrary file upload vulnerability in UCMS v1.6 allows malicious users to execute arbitrary code via a crafted PHP file.
Ucms Project Ucms 1.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »