Primary

Context

UliCMS Authentication Bypass Vulnerability Allowing Unauthenticated Admin User Creation

Vulnerability

An authentication bypass vulnerability has been identified in UliCMS version 2023.1. This vulnerability allows unauthenticated attackers to create admin users by exploiting mass assignment in the UserController. By sending a crafted POST request to the admin index.php endpoint with specific parameters, attackers can generate an administrative account with full system access.

Impact

Exploitation of this vulnerability allows for unauthorized creation of admin accounts, granting full system access to the attackers.

Reproduction

To reproduce this vulnerability, send a POST request to the admin index.php endpoint. Include parameters such as 'sClass' set to 'UserController', 'sMethod' set to 'create', and 'add_admin' set to 'add_admin'. Additionally, provide a username, first name, last name, email, password, and group ID. The request must be made without authentication.

Added: Dec 17, 2025, 11:41 PM

Updated: Dec 17, 2025, 11:41 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

7.5

exploitability

9.7

remediation

0.0

relevance

1.5

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

7.5

exploitability

9.7

remediation

0.0

relevance

1.5

threat

6.4

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

UliCMS Authentication Bypass Vulnerability Allowing Unauthenticated Admin User Creation

Vulnerability

Impact

Reproduction

Affected Products

UliCMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating