Show filters
34 Total Results
Displaying 31-34 of 34
Sort by:
Attacker Value
Unknown

CVE-2022-28444

Disclosure Date: April 21, 2022 (last updated February 23, 2025)
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-28443

Disclosure Date: April 21, 2022 (last updated October 07, 2023)
UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-28440

Disclosure Date: April 21, 2022 (last updated February 23, 2025)
An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17036

Disclosure Date: September 14, 2018 (last updated November 27, 2024)
An issue was discovered in UCMS 1.4.6 and 1.6. It allows PHP code injection during installation via the systemdomain parameter to install/index.php, as demonstrated by injecting a phpinfo() call into /inc/config.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous