Product
ulicms
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-53925
CVE-2023-53924
CVE-2023-53923
CVE-2023-53914
CVE-2020-12704
CVE-2020-12703
CVE-2019-11398
all versions
UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedd
all versions
UliCMS 2023.1-sniffing-vicuna contains a remote code execution vulnerability that allows authenticated attackers to upload PHP fil
all versions
UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative account
all versions
UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through
< 2020.2
UliCMS before 2020.2 has PageController stored XSS.
< 2020.2
UliCMS before 2020.2 has XSS during PackageController uninstall.
all versions
Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web scr