4 matches found
CVE-2020-25483
An arbitrary command execution vulnerability exists in the fopen function of file writes of UCMS v1.4.8, where an attacker can gain access to the server...
Command injection
An arbitrary command execution vulnerability exists in the fopen function of file writes of UCMS v1.4.8, where an attacker can gain access to the server...
CVE-2020-25483
An arbitrary command execution vulnerability exists in the fopen function of file writes of UCMS v1.4.8, where an attacker can gain access to the server...
CVE-2020-25483
UCMS v1.4.8 contains an arbitrary command execution vulnerability in the fopen() function used for file writes. The issue stems from UCMS’s handling of file writes, enabling an attacker to gain access to the server. Public references from NVD, Red Hat, CNVD and others corroborate the vulnerabilit...