CVE-2023-1303

Name of the Vulnerable Software and Affected Versions UCMS version 1.6

Description A critical issue affects the System File Management Module, specifically the file sadmin/fileedit.php, allowing for unrestricted upload due to the manipulation of the file argument. This can be initiated remotely.

Recommendations For UCMS version 1.6, consider restricting access to the sadmin/fileedit.php file and the System File Management Module to minimize the risk of exploitation. Avoid using the file argument in the affected module until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.