Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51350 | 1 Ujcms | 1 Ujcms | 2024-02-05 | N/A | 9.8 CRITICAL |
| A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the X-Forwarded-For function in the header. | |||||
| CVE-2023-51806 | 1 Ujcms | 1 Ujcms | 2024-02-05 | N/A | 5.4 MEDIUM |
| File Upload vulnerability in Ujcms v.8.0.2 allows a local attacker to execute arbitrary code via a crafted file. | |||||
| CVE-2023-24369 | 1 Ujcms | 1 Ujcms | 2024-02-04 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function. | |||||