Vulnerabilities > Ucms Project > Ucms > 1.4.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-23 | CVE-2020-25483 | Command Injection vulnerability in Ucms Project Ucms 1.4.8 An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server. | 7.5 |
2020-09-04 | CVE-2020-24981 | Incorrect Authorization vulnerability in Ucms Project Ucms 1.4.8 An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. | 5.0 |