Vulnerabilities > Ucms Project > Ucms > 1.6

DATE CVE VULNERABILITY TITLE RISK
2023-04-26 CVE-2023-2294 Cross-site Scripting vulnerability in Ucms Project Ucms 1.6
A vulnerability was found in UCMS 1.6.0.
network
low complexity
ucms-project CWE-79
6.1
2023-03-09 CVE-2023-1303 Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.6
A vulnerability was found in UCMS 1.6 and classified as critical.
network
low complexity
ucms-project CWE-434
critical
9.8
2022-10-14 CVE-2022-42234 Files or Directories Accessible to External Parties vulnerability in Ucms Project Ucms 1.6
There is a file inclusion vulnerability in the template management module in UCMS 1.6
network
low complexity
ucms-project CWE-552
8.8
2022-04-21 CVE-2022-28440 Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.6
An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file.
network
low complexity
ucms-project CWE-434
6.5
2022-04-21 CVE-2022-28443 Unspecified vulnerability in Ucms Project Ucms 1.6
UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability.
network
low complexity
ucms-project
6.4
2022-04-21 CVE-2022-28444 Path Traversal vulnerability in Ucms Project Ucms 1.6
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability.
network
low complexity
ucms-project CWE-22
5.0
2018-09-14 CVE-2018-17036 Code Injection vulnerability in Ucms Project Ucms 1.4.6/1.6
An issue was discovered in UCMS 1.4.6 and 1.6.
network
low complexity
ucms-project CWE-94
7.5