ukcms
by ukcms
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-10888 | Hig | 0.57 | 8.8 | 0.01 | Apr 5, 2019 | A CSRF Issue that can add an admin user was discovered in UKcms v1.1.10 via admin.php/admin/role/add.html. | ||
| CVE-2020-18449 | Med | 0.35 | 5.4 | 0.01 | Aug 12, 2021 | Cross Site Scripting (XSS) vulnerability exists in UKCMS v1.1.10 via data in the index function in Single.php | ||
| CVE-2020-20977 | Med | 0.35 | 5.4 | 0.01 | Aug 12, 2021 | A stored cross site scripting (XSS) vulnerability in index.php/legend/6.html of UK CMS v1.1.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Comments section. |
- risk 0.57cvss 8.8epss 0.01
A CSRF Issue that can add an admin user was discovered in UKcms v1.1.10 via admin.php/admin/role/add.html.
- risk 0.35cvss 5.4epss 0.01
Cross Site Scripting (XSS) vulnerability exists in UKCMS v1.1.10 via data in the index function in Single.php
- risk 0.35cvss 5.4epss 0.01
A stored cross site scripting (XSS) vulnerability in index.php/legend/6.html of UK CMS v1.1.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Comments section.