2018-09-14 07:00:00
mitre
PUBLISHED
user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3.