High severity8.8NVD Advisory· Published Sep 14, 2018· Updated Jun 17, 2026
CVE-2018-17037
CVE-2018-17037
Description
user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3.
Affected products
2- Range: =1.4.6
Patches
Vulnerability mechanics
References
1- github.com/blackstar24/UCMS/blob/master/level.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.