Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

Prion
Prionadded 2018/09/14 7:29 a.m.38 views

Code injection

An issue was discovered in UCMS 1.4.6 and 1.6. It allows PHP code injection during installation via the systemdomain parameter to install/index.php, as demonstrated by injecting a phpinfo call into /inc/config.php...

7.5CVSS9.5AI score0.00486EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2018/09/14 7:0 a.m.42 views

CVE-2018-17036

UCMS 1.4.6 and 1.6 have a PHP code injection vulnerability in the installer. The flaw occurs in the install/index.php flow via the systemdomain parameter, enabling injection and execution of PHP code (demonstrated by injecting a phpinfo() call into /inc/config.php). Root cause, as described in mu...

9.8CVSS9.5AI score0.00486EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2018/09/14 7:0 a.m.12 views

CVE-2018-17036

An issue was discovered in UCMS 1.4.6 and 1.6. It allows PHP code injection during installation via the systemdomain parameter to install/index.php, as demonstrated by injecting a phpinfo call into /inc/config.php...

9.7AI score0.00486EPSS
Exploits1References1
CNVD
CNVDadded 2018/09/14 12:0 a.m.1 views

UCMS PHP Code Injection Vulnerability

UCMS is a content management system written in PHP. A security vulnerability exists in the install/index.php file in UCMS version 1.4.6. The vulnerability can be exploited to inject and execute PHP code with the help of the 'systemdomain' parameter...

9.8CVSS9.3AI score0.00486EPSS
Exploits1References1
Rows per page
Query Builder