Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Ucms ProjectUcms

7 matches found

CVE
CVEadded 2022/04/21 8:15 p.m.59 views

CVE-2022-28443

UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability.

9.1CVSS9.3AI score0.00328EPSS
CVE
CVEadded 2022/08/10 8:15 p.m.55 views

CVE-2022-35426

UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file.

9.8CVSS9.4AI score0.00152EPSS
CVE
CVEadded 2022/09/12 11:15 p.m.43 views

CVE-2022-38297

UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning.

9.8CVSS9.6AI score0.00038EPSS
CVE
CVEadded 2023/03/09 10:15 p.m.41 views

CVE-2023-1303

A vulnerability was found in UCMS 1.6 and classified as critical. This issue affects some unknown processing of the file sadmin/fileedit.php of the component System File Management Module. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The ...

9.8CVSS8AI score0.00077EPSS
CVE
CVEadded 2020/10/23 6:15 p.m.39 views

CVE-2020-25483

An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.

9.8CVSS9.6AI score0.49111EPSS
CVE
CVEadded 2018/09/14 7:29 a.m.37 views

CVE-2018-17036

An issue was discovered in UCMS 1.4.6 and 1.6. It allows PHP code injection during installation via the systemdomain parameter to install/index.php, as demonstrated by injecting a phpinfo() call into /inc/config.php.

9.8CVSS9.5AI score0.00513EPSS
CVE
CVEadded 2018/09/14 7:29 a.m.31 views

CVE-2018-17035

UCMS 1.4.6 has SQL injection during installation via the install/index.php mysql_dbname parameter.

9.8CVSS9.8AI score0.00264EPSS