Umi Cms

umi-cms

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-2754 1Umi Cms 1Umi.cms May 6, 2026 Mar 11, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request...Show more Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/.Show less
CVE-2007-5428 1Umi Cms 1Umi Cms Apr 23, 2026 Oct 12, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in UMI CMS allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to the default URI in search_do/.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2013-2754

1Umi Cms

1Umi.cms

May 6, 2026

Mar 11, 2014

N/A· v4

N/A· v3

6.8 MEDIUM· v2

Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request...Show more

CVE-2007-5428

1Umi Cms

Apr 23, 2026

Oct 12, 2007

N/A· v4

N/A· v3

4.3 MEDIUM· v2

Cross-site scripting (XSS) vulnerability in UMI CMS allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to the default URI in search_do/.