Lucene search
+L

224 matches found

Cvelist
Cvelist
added 2022/09/12 10:10 p.m.29 views

CVE-2022-38297

UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning...

9.9AI score0.01118EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/09/12 12:0 a.m.7 views

PT-2022-24347 · Ucms · Ucms

Name of the Vulnerable Software and Affected Versions: UCMS version 1.6.0 Description: The issue is an authentication bypass vulnerability that can be exploited through cookie poisoning. Recommendations: For UCMS version 1.6.0, update to a version that contains a fix for this issue, as the curren...

9.8CVSS9.5AI score0.01118EPSS
Exploits1References3
NVD
NVD
added 2022/08/10 8:15 p.m.27 views

CVE-2022-35426

UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...

9.8CVSS0.00947EPSS
Exploits1References1
OSV
OSV
added 2022/08/10 8:15 p.m.3 views

CVE-2022-35426

UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...

9.8CVSS5.9AI score0.00947EPSS
Exploits1References1
Prion
Prion
added 2022/08/10 8:15 p.m.15 views

Design/Logic Flaw

UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...

7.5CVSS9.5AI score0.00947EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/08/09 4:19 p.m.31 views

CVE-2022-35426

UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...

9.7AI score0.00947EPSS
Exploits1References1
CVE
CVE
added 2022/08/09 4:19 p.m.70 views

CVE-2022-35426

CVE-2022-35426 affects UCMS 1.6. The vulnerability is an arbitrary file upload in the ucms/sadmin/file.php handler, enabling an attacker to upload arbitrary files and potentially impact confidentiality, integrity, and availability. Root cause indicated by multiple sources is a flaw in the file up...

9.8CVSS9.4AI score0.00947EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2022/04/22 12:0 a.m.24 views

UCMS arbitrary file deletion vulnerability

UCMS is a simple and efficient PHP open source CMS building system. UCMS v1.6 has arbitrary file deletion vulnerability, there is no detailed vulnerability details provided...

9.1CVSS2.5AI score0.00948EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/22 12:0 a.m.27 views

UCMS arbitrary file reading vulnerability

UCMS is a simple and efficient PHP open source CMS builder system. UCMS v1.6 contains an arbitrary file reading vulnerability, which can be exploited by attackers to directly obtain the contents of website files, and can therefore obtain many confidential documents...

7.5CVSS4AI score0.01505EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/22 12:0 a.m.22 views

UCMS arbitrary file upload vulnerability

UCMS is a simple and efficient PHP open source CMS website building system. UCMS v1.6 contains an arbitrary file upload vulnerability that can be exploited by attackers to execute arbitrary code via carefully crafted PHP files...

8.8CVSS5.9AI score0.01612EPSS
Exploits1References1
NVD
NVD
added 2022/04/21 8:15 p.m.17 views

CVE-2022-28443

UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability...

9.1CVSS0.00948EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/21 8:15 p.m.4 views

CVE-2022-28443

UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability...

9.1CVSS6AI score0.00948EPSS
Exploits0References2
OSV
OSV
added 2022/04/21 8:15 p.m.3 views

CVE-2022-28443

UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability...

9.1CVSS7.4AI score0.00948EPSS
Exploits0References1
NVD
NVD
added 2022/04/21 8:15 p.m.15 views

CVE-2022-28444

UCMS v1.6 was discovered to contain an arbitrary file read vulnerability...

7.5CVSS0.01505EPSS
Exploits1References1
NVD
NVD
added 2022/04/21 8:15 p.m.17 views

CVE-2022-28440

An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file...

8.8CVSS0.01612EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/04/21 8:15 p.m.4 views

CVE-2022-28444

UCMS v1.6 was discovered to contain an arbitrary file read vulnerability...

7.5CVSS6AI score0.01505EPSS
Exploits1References2
Prion
Prion
added 2022/04/21 8:15 p.m.21 views

Arbitrary file deletion

UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability...

6.4CVSS9.2AI score0.00948EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/04/21 8:15 p.m.18 views

Design/Logic Flaw

An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file...

6.5CVSS8.8AI score0.01612EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/04/21 8:15 p.m.12 views

Arbitrary file deletion

UCMS v1.6 was discovered to contain an arbitrary file read vulnerability...

5CVSS7.5AI score0.01505EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/04/21 7:4 p.m.79 views

CVE-2022-28440

The CVE-2022-28440 entry describes an arbitrary file upload vulnerability in UCMS v1.6 that allows an attacker to execute arbitrary code via a crafted PHP file. Affected component: UCMS web CMS version 1.6; vulnerability type: arbitrary file upload leading to remote code execution. According to t...

8.8CVSS8.8AI score0.01612EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder