Skip to main content

Uipress Lite

2 CVEs product

Monthly

CVE-2026-27091 MEDIUM This Month

UiPress Lite versions through 3.5.09 contain a missing authorization vulnerability (CWE-862) that allows authenticated users to exploit incorrectly configured access control security levels, enabling privilege escalation or unauthorized resource access. An attacker with low-level user credentials can bypass authorization checks to access or modify functionality restricted to higher-privilege roles. The vulnerability has a CVSS score of 6.3 with network-based attack vector requiring only low privileges, indicating moderate real-world exploitability.

Authentication Bypass Uipress Lite
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2024-38788 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bởi Admin 2020 UiPress lite allows SQL Injection.4.06. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Uipress Lite
NVD
CVSS 3.1
7.2
EPSS
0.6%
EPSS 0% CVSS 6.3
MEDIUM This Month

UiPress Lite versions through 3.5.09 contain a missing authorization vulnerability (CWE-862) that allows authenticated users to exploit incorrectly configured access control security levels, enabling privilege escalation or unauthorized resource access. An attacker with low-level user credentials can bypass authorization checks to access or modify functionality restricted to higher-privilege roles. The vulnerability has a CVSS score of 6.3 with network-based attack vector requiring only low privileges, indicating moderate real-world exploitability.

Authentication Bypass Uipress Lite
NVD VulDB
EPSS 1% CVSS 7.2
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bởi Admin 2020 UiPress lite allows SQL Injection.4.06. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Uipress Lite
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy