Ucms Project: >> Ucms >> 1.4.8 Security Vulnerabilities
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
CVSS Score
9.8
EPSS Score
0.491
Published
2020-10-23
An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in information leak via an error message caused by directly accessing the website built by UCMS.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-09-04