cbcvebase.

Myucms Project Myucms vulnerabilities

5 known vulnerabilities affecting myucms_project/myucms.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL3HIGH2

Vulnerabilities

Page 1 of 1
CVE-2020-21650P2HIGHCVSS 8.8Exploitedv2.22021-10-06
CVE-2020-21650 [HIGH] CWE-94 CVE-2020-21650: Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Conf Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method.
nvd
CVE-2020-21651P3CRITICALCVSS 9.8v2.22021-10-06
CVE-2020-21651 [CRITICAL] CWE-94 CVE-2020-21651: Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\poin Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.
nvd
CVE-2020-21652P2CRITICALCVSS 9.8v2.22021-10-06
CVE-2020-21652 [CRITICAL] CWE-94 CVE-2020-21652: Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Conf Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.
nvd
CVE-2020-21653P3CRITICALCVSS 9.1v2.22021-10-06
CVE-2020-21653 [CRITICAL] CWE-918 CVE-2020-21653: Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.
nvd
CVE-2020-21649P3HIGHCVSS 8.1v2.22021-10-06
CVE-2020-21649 [HIGH] CWE-918 CVE-2020-21649: Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.
nvd
Myucms Project Myucms vulnerabilities | cvebase