Ucms
by Ucms
Source repositories
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-20601 | Med | 0.31 | 4.8 | 0.01 | Dec 30, 2018 | UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action. | ||
| CVE-2018-20597 | Med | 0.31 | 4.8 | 0.01 | Dec 30, 2018 | UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action. | ||
| CVE-2023-5015 | Low | 0.23 | 3.5 | 0.00 | Sep 17, 2023 | A vulnerability was found in UCMS 1.4.7. It has been classified as problematic. Affected is an unknown function of the file ajax.php?do=strarraylist. The manipulation of the argument strdefault leads to cross site scripting. It is possible to launch the attack remotely. The… | ||
| CVE-2023-2294 | Low | 0.23 | 3.5 | 0.01 | Apr 26, 2023 | A vulnerability was found in UCMS 1.6.0. It has been classified as problematic. This affects an unknown part of the file saddpost.php of the component Column Configuration. The manipulation of the argument strorder leads to cross site scripting. It is possible to initiate the… |
- risk 0.31cvss 4.8epss 0.01
UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action.
- risk 0.31cvss 4.8epss 0.01
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action.
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in UCMS 1.4.7. It has been classified as problematic. Affected is an unknown function of the file ajax.php?do=strarraylist. The manipulation of the argument strdefault leads to cross site scripting. It is possible to launch the attack remotely. The…
- risk 0.23cvss 3.5epss 0.01
A vulnerability was found in UCMS 1.6.0. It has been classified as problematic. This affects an unknown part of the file saddpost.php of the component Column Configuration. The manipulation of the argument strorder leads to cross site scripting. It is possible to initiate the…
Page 2 of 2