11 matches found
EUVD-2018-13150
Malware in sbrugna...
EUVD-2018-13148
Malware in sbrugna...
CVE-2018-20597
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadminfileedit action...
CVE-2018-20597
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadminfileedit action...
CVE-2018-20599
UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadminfileedit action...
Design/Logic Flaw
UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadminfileedit action...
Design/Logic Flaw
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadminfileedit action...
CVE-2018-20599
CVE-2018-20599 affects UCMS 1.4.7, where input during the index.php sadmin_fileedit action can be used to execute arbitrary PHP code, enabling remote code execution. The issue is described across multiple sources (NVD/Red Hat/NVD mirror), confirming that the vulnerability stems from the sadmin_fi...
CVE-2018-20597
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadminfileedit action...
CVE-2018-20597
UCMS 1.4.7 is affected by a cross-site scripting (XSS) vulnerability caused by unsafely handling the dir parameter in the sadmin_fileedit action of index.php. The issue allows injection of arbitrary HTML/JavaScript in user-visible pages. No exploits or practical in-the-wild details are provided i...
CVE-2018-20599
UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadminfileedit action...