CVE-2023-53923 UliCMS 2023.1 Privilege Escalation via Unauthenticated Admin Account Creation

UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative accounts through the UserController endpoint. Attackers can send a crafted POST request to /dist/admin/index.php with specific parameters to generate a new admin user with fu...

UliCMS 安全漏洞

UliCMS is a content management system CMS open source by UliCMS. The system supports features such as access control and WYSIWYG editing. A security vulnerability exists in UliCMS version 2023.1 that originates from an unauthenticated attacker who can create an administrator account via the...