CVE-2018-20599
HIGH
8.8
CVSS Severity Score
Vulnerability Description
UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action.
Affected Platforms (CPE)
📦
Ucms Project
返回 CVE 浏览器
相关漏洞威胁
CVE-2020-57579.8
Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated r...
CVE-2018-170359.8
UCMS 1.4.6 has SQL injection during installation via the install/index.php mysql_dbname parameter.
CVE-2018-170369.8
An issue was discovered in UCMS 1.4.6 and 1.6. It allows PHP code injection during installation via the systemdomain parameter to ...
CVE-2020-254839.8
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can g...