UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative accounts through the UserController endpoint. Attackers can send a crafted POST request to /dist/admin/index.php with specific parameters to generate a new admin user with full system access.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-17
UliCMS 2023.1-sniffing-vicuna contains a remote code execution vulnerability that allows authenticated attackers to upload PHP files with .phar extension during profile avatar upload. Attackers can trigger code execution by visiting the uploaded file's location, enabling system command execution through maliciously crafted avatar uploads.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-12-17
UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-12-17
UliCMS before 2020.2 has XSS during PackageController uninstall.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-05-07
UliCMS before 2020.2 has PageController stored XSS.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-05-07
Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon.
CVSS Score
6.1
EPSS Score
0.039
Published
2019-05-08