Vulnerabilities (CVE)

Filtered by vendor Myucms Project Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-21651	1 Myucms Project	1 Myucms	2022-07-10	7.5 HIGH	9.8 CRITICAL
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.
CVE-2020-21652	1 Myucms Project	1 Myucms	2022-07-10	7.5 HIGH	9.8 CRITICAL
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.
CVE-2020-21653	1 Myucms Project	1 Myucms	2021-10-15	6.4 MEDIUM	9.1 CRITICAL
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.