Lucene search

Myucms Security Vulnerabilities - CVSS Score 9 - 10

cve

CVE-2020-21651

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.

9.8CVSS

9.6AI Score

0.01EPSS

2021-10-06 10:15 PM

cve

CVE-2020-21652

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.

9.8CVSS

9.7AI Score

0.008EPSS

2021-10-06 10:15 PM

cve

CVE-2020-21653

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.

9.1CVSS

9.1AI Score

0.003EPSS

2021-10-06 10:15 PM