Vulnerabilities (CVE)

Filtered by vendor Myucms Project Subscribe
Filtered by product Myucms
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-21653 1 Myucms Project 1 Myucms 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.
CVE-2020-21652 1 Myucms Project 1 Myucms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.
CVE-2020-21651 1 Myucms Project 1 Myucms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.
CVE-2020-21650 1 Myucms Project 1 Myucms 2024-11-21 6.5 MEDIUM 8.8 HIGH
Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method.
CVE-2020-21649 1 Myucms Project 1 Myucms 2024-11-21 5.5 MEDIUM 8.1 HIGH
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.