Vulnerabilities > Ucms Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-14 | CVE-2022-42234 | Files or Directories Accessible to External Parties vulnerability in Ucms Project Ucms 1.6 There is a file inclusion vulnerability in the template management module in UCMS 1.6 | 8.8 |
| 2020-10-23 | CVE-2020-25483 | Command Injection vulnerability in Ucms Project Ucms 1.4.8 An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server. | 7.5 |
| 2018-09-14 | CVE-2018-17036 | Code Injection vulnerability in Ucms Project Ucms 1.4.6/1.6 An issue was discovered in UCMS 1.4.6 and 1.6. | 7.5 |
| 2018-09-14 | CVE-2018-17035 | SQL Injection vulnerability in Ucms Project Ucms 1.4.6 UCMS 1.4.6 has SQL injection during installation via the install/index.php mysql_dbname parameter. | 7.5 |