Page 2 of 7 results (0.002 seconds)
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-34865
https://notcve.org/view.php?id=CVE-2023-34865
Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature. • https://github.com/ujcms/ujcms/issues/5 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24369
https://notcve.org/view.php?id=CVE-2023-24369
A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function. • https://github.com/ujcms/ujcms/issues/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •