Vulnerabilities > Ukcms

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-12	CVE-2020-18449	Cross-site Scripting vulnerability in Ukcms 1.1.10 Cross Site Scripting (XSS) vulnerability exists in UKCMS v1.1.10 via data in the index function in Single.php network low complexity ukcms CWE-79	5.4
2021-08-12	CVE-2020-20977	Cross-site Scripting vulnerability in Ukcms 1.1.10 A stored cross site scripting (XSS) vulnerability in index.php/legend/6.html of UK CMS v1.1.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Comments section. network low complexity ukcms CWE-79	5.4
2019-04-05	CVE-2019-10888	Cross-Site Request Forgery (CSRF) vulnerability in Ukcms 1.1.10 A CSRF Issue that can add an admin user was discovered in UKcms v1.1.10 via admin.php/admin/role/add.html. network low complexity ukcms CWE-352	8.8
2018-08-03	CVE-2018-14911	Unrestricted Upload of File with Dangerous Type vulnerability in Ukcms A file upload vulnerability exists in ukcms v1.1.7 and earlier. network low complexity ukcms CWE-434	7.2

Vulnerabilities > Ukcms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ukcms"}]}