Product:

Ucms

(Ucms_project)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 28
Date Id Summary Products Score Patch Annotated
2022-09-19 CVE-2022-38527 UCMS v1.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Import function under the Site Management page. Ucms 6.1
2022-10-14 CVE-2022-42234 There is a file inclusion vulnerability in the template management module in UCMS 1.6 Ucms 8.8
2020-09-04 CVE-2020-24981 An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in information leak via an error message caused by directly accessing the website built by UCMS. Ucms 5.3
2020-10-23 CVE-2020-25483 An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server. Ucms 9.8
2020-11-30 CVE-2020-25537 File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission. Ucms 9.8
2021-07-23 CVE-2021-25809 UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php. Ucms 5.3
2021-09-29 CVE-2020-20781 A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?do=list_edit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields. Ucms 5.4
2022-04-21 CVE-2022-28440 An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file. Ucms 8.8
2022-04-21 CVE-2022-28443 UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability. Ucms 9.1
2022-04-21 CVE-2022-28444 UCMS v1.6 was discovered to contain an arbitrary file read vulnerability. Ucms 7.5