Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Utcms ProjectUtcms

3 matches found

CVE
CVEadded 2025/09/10 12:0 a.m.14 views

CVE-2025-56407

The CVE-2025-56407 entry affects HuangDou UTCMS V9, specifically the RunSql function in app/modules/ut-data/admin/mysql.php. The root cause is manipulation of the sql argument that enables SQL injection, with remote exploitation and publicly disclosed exploit capabilities. Public sources consiste...

8.8CVSS6.8AI score0.00061EPSS
Web
CVE
CVEadded 2025/08/25 1:32 a.m.14 views

CVE-2025-9402

CVE-2025-9402 affects HuangDou UTCMS 9, specifically the Config Handler’s file app/modules/ut-frame/admin/update.php. Root cause: manipulation of the UPDATEURL argument enables server-side request forgery (SSRF). Impact: remote exploitation with potential compromise of affected systems; exploit p...

7.2CVSS4.8AI score0.00074EPSS
Web
CVE
CVEadded 2025/08/25 1:2 a.m.13 views

CVE-2025-9401

HuangDou UTCMS 9 is affected in the Login component (file app/modules/ut-frame/admin/login.php). The issue arises from manipulation of the code parameter, causing an incorrect comparison. It is exploitable remotely with high complexity, and exploitation is publicly disclosed. No patch/version fix...

6.3CVSS7AI score0.00055EPSS
Web