📦 Ulicms

CVE-2023-53923 is a critical privilege escalation vulnerability in UliCMS that allows unauthenticated attackers to create administrative accounts with full system access. Attackers can exploit this by...

CVE-2023-53914 is an authentication bypass vulnerability in UliCMS 2023.1 that allows unauthenticated attackers to create administrative accounts with full system access through mass assignment. This ...

This vulnerability allows authenticated attackers to upload malicious PHP files disguised as avatar images in UliCMS, leading to remote code execution. Attackers can execute arbitrary system commands ...

UliCMS 2023.1 contains a stored cross-site scripting vulnerability where attackers can upload malicious SVG files containing JavaScript through the file management interface. When other users view the...