Browse all 26 CVE security advisories affecting unitecms. AI-powered Chinese analysis, POCs, and references for each vulnerability.
UniteCMS is a content management system designed for managing digital assets and web content, primarily serving enterprise environments requiring structured information delivery. Security audits have identified twenty-six Common Vulnerabilities and Exposures (CVEs) associated with the platform, indicating a persistent history of security flaws. These vulnerabilities predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and improper access controls within the application’s core modules. Notable incidents include multiple successful exploitation attempts that allowed attackers to gain unauthorized administrative access or inject malicious scripts into user-facing pages. The accumulation of these CVEs suggests that while the software offers robust content management features, its historical security posture has been compromised by recurring implementation errors, necessitating rigorous patch management and continuous monitoring to mitigate risks in production deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-1710 | Addon Library <= 1.3.76 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload — Addon LibraryCWE-862 | 8.8 | High | 2024-02-24 |
This page lists every published CVE security advisory associated with unitecms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.