Ucms Security Vulnerabilities and Issues — Ucms CVE List | Vulners.com

Lucene search

K

Ucms ProjectUcms

7 matches found

CVE•added 2018/09/21 6:29 p.m.•37 views

CVE-2018-17320

An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via the sadmin/aindex.php minfo parameter in a sadmin_aaddpost action.

6.1CVSS5.8AI score0.0024EPSS

CVE•added 2019/03/07 11:29 p.m.•33 views

CVE-2018-16804

An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request.

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2022/09/19 10:15 p.m.•31 views

CVE-2022-38527

UCMS v1.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Import function under the Site Management page.

6.1CVSS6AI score0.00114EPSS

CVE•added 2018/09/14 7:29 a.m.•30 views

CVE-2018-17034

UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter.

6.1CVSS6AI score0.0024EPSS

CVE•added 2018/12/30 9:29 p.m.•27 views

CVE-2018-20600

sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit action.

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2023/04/26 6:15 a.m.•27 views

CVE-2023-2294

A vulnerability was found in UCMS 1.6.0. It has been classified as problematic. This affects an unknown part of the file saddpost.php of the component Column Configuration. The manipulation of the argument strorder leads to cross site scripting. It is possible to initiate the attack remotely. The e...

6.1CVSS4.8AI score0.0007EPSS

CVE•added 2023/09/17 2:15 a.m.•26 views

CVE-2023-5015

A vulnerability was found in UCMS 1.4.7. It has been classified as problematic. Affected is an unknown function of the file ajax.php?do=strarraylist. The manipulation of the argument strdefault leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclos...

6.1CVSS4.5AI score0.0007EPSS