Lucene search

Myucms Security Vulnerabilities

cve

CVE-2020-21649

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.

8.1CVSS

8AI Score

0.001EPSS

2021-10-06 10:15 PM

cve

CVE-2020-21650

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method.

8.8CVSS

8.9AI Score

0.005EPSS

2021-10-06 10:15 PM

cve

CVE-2020-21651

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.

9.8CVSS

9.6AI Score

0.008EPSS

2021-10-06 10:15 PM

cve

CVE-2020-21652

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.

9.8CVSS

9.7AI Score

0.007EPSS

2021-10-06 10:15 PM

cve

CVE-2020-21653

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.

9.1CVSS

9.1AI Score

0.003EPSS

2021-10-06 10:15 PM