myucms_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
Historical issues mainly involve vendor risk ssrf and vendor risk sql injection and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2020-21653 | Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method. | [email protected] | 9.1 | 0.25% | 2021-10-06 | 2024-11-21 |
| CVE-2020-21652 | Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method. | [email protected] | 9.8 | 3.28% | 2021-10-06 | 2024-11-21 |
| CVE-2020-21651 | Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method. | [email protected] | 9.8 | 3.52% | 2021-10-06 | 2024-11-21 |
| CVE-2020-21650 | Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method. | [email protected] | 8.8 | 3.67% | 2021-10-06 | 2024-11-21 |
| CVE-2020-21649 | Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method. | [email protected] | 8.1 | 0.21% | 2021-10-06 | 2024-11-21 |