An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in information leak via an error message caused by directly accessing the website built by UCMS.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24981
Reference (s):
- https://sunian.top/2020/08/26/ucms-Incorrect%20Access%20Control/