Vulnerabilities > Myucms Project > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2020-21651 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method. | 9.8 |
| 2021-10-06 | CVE-2020-21652 | Code Injection vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method. | 9.8 |
| 2021-10-06 | CVE-2020-21653 | Server-Side Request Forgery (SSRF) vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method. | 9.1 |