Vulnerabilities > Ucms Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-17 | CVE-2023-5015 | Cross-site Scripting vulnerability in Ucms Project Ucms 1.4.7 A vulnerability was found in UCMS 1.4.7. | 6.1 |
2023-04-26 | CVE-2023-2294 | Cross-site Scripting vulnerability in Ucms Project Ucms 1.6 A vulnerability was found in UCMS 1.6.0. | 6.1 |
2023-03-09 | CVE-2023-1303 | Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.6 A vulnerability was found in UCMS 1.6 and classified as critical. | 9.8 |
2022-10-14 | CVE-2022-42234 | Files or Directories Accessible to External Parties vulnerability in Ucms Project Ucms 1.6 There is a file inclusion vulnerability in the template management module in UCMS 1.6 | 8.8 |
2022-04-21 | CVE-2022-28440 | Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.6 An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file. | 6.5 |
2022-04-21 | CVE-2022-28443 | Unspecified vulnerability in Ucms Project Ucms 1.6 UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability. | 6.4 |
2022-04-21 | CVE-2022-28444 | Path Traversal vulnerability in Ucms Project Ucms 1.6 UCMS v1.6 was discovered to contain an arbitrary file read vulnerability. | 5.0 |
2021-09-29 | CVE-2020-20781 | Cross-site Scripting vulnerability in Ucms Project Ucms 1.4.7 A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields. | 3.5 |
2021-07-23 | CVE-2021-25809 | Information Exposure vulnerability in Ucms Project Ucms 1.5.0 UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php. | 5.0 |
2020-11-30 | CVE-2020-25537 | Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.5.0 File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission. | 10.0 |