224 matches found
CVE-2022-38297
UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning...
PT-2022-24347 · Ucms · Ucms
Name of the Vulnerable Software and Affected Versions: UCMS version 1.6.0 Description: The issue is an authentication bypass vulnerability that can be exploited through cookie poisoning. Recommendations: For UCMS version 1.6.0, update to a version that contains a fix for this issue, as the curren...
CVE-2022-35426
UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...
CVE-2022-35426
UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...
Design/Logic Flaw
UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...
CVE-2022-35426
UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...
CVE-2022-35426
CVE-2022-35426 affects UCMS 1.6. The vulnerability is an arbitrary file upload in the ucms/sadmin/file.php handler, enabling an attacker to upload arbitrary files and potentially impact confidentiality, integrity, and availability. Root cause indicated by multiple sources is a flaw in the file up...
UCMS arbitrary file deletion vulnerability
UCMS is a simple and efficient PHP open source CMS building system. UCMS v1.6 has arbitrary file deletion vulnerability, there is no detailed vulnerability details provided...
UCMS arbitrary file reading vulnerability
UCMS is a simple and efficient PHP open source CMS builder system. UCMS v1.6 contains an arbitrary file reading vulnerability, which can be exploited by attackers to directly obtain the contents of website files, and can therefore obtain many confidential documents...
UCMS arbitrary file upload vulnerability
UCMS is a simple and efficient PHP open source CMS website building system. UCMS v1.6 contains an arbitrary file upload vulnerability that can be exploited by attackers to execute arbitrary code via carefully crafted PHP files...
CVE-2022-28443
UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability...
CVE-2022-28443
UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability...
CVE-2022-28443
UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability...
CVE-2022-28444
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability...
CVE-2022-28440
An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-28444
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability...
Arbitrary file deletion
UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability...
Design/Logic Flaw
An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file...
Arbitrary file deletion
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability...
CVE-2022-28440
The CVE-2022-28440 entry describes an arbitrary file upload vulnerability in UCMS v1.6 that allows an attacker to execute arbitrary code via a crafted PHP file. Affected component: UCMS web CMS version 1.6; vulnerability type: arbitrary file upload leading to remote code execution. According to t...