Vulnerabilities > Ucms Project > Ucms > 1.5.0

DATE CVE VULNERABILITY TITLE RISK
2021-07-23 CVE-2021-25809 Information Exposure Through an Error Message vulnerability in Ucms Project Ucms 1.5.0
UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.
network
low complexity
ucms-project CWE-209
5.3
5.3
2020-11-30 CVE-2020-25537 Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.5.0
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.
network
low complexity
ucms-project CWE-434
critical
 9.8
9.8