Vulnerabilities > CVE-2020-24981 - Incorrect Authorization vulnerability in Ucms Project Ucms 1.4.8

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ucms-project
CWE-863

Summary

An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in information leak via an error message caused by directly accessing the website built by UCMS.

Vulnerable Configurations

Part Description Count
Application
Ucms_Project
1

Common Weakness Enumeration (CWE)