Vulnerabilities > Ucms Project > Ucms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-29 | CVE-2020-20781 | Cross-site Scripting vulnerability in Ucms Project Ucms 1.4.7 A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields. | 3.5 |
| 2018-12-30 | CVE-2018-20597 | Cross-site Scripting vulnerability in Ucms Project Ucms 1.4.7 UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action. | 3.5 |
| 2018-12-30 | CVE-2018-20601 | Cross-site Scripting vulnerability in Ucms Project Ucms 1.4.7 UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action. | 3.5 |