Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wuzhicms wuzhicms 4.1.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-46482
SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote malicious user to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component.
Wuzhicms Wuzhicms 4.1.0
2.7
CVSSv3
CVE-2022-36168
A directory traversal vulnerability exists in Wuzhicms 4.1.0. via /coreframe/app/attachment/admin/index.php:
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2018-11722
WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.
Wuzhicms Wuzhicms 4.1.0
8.8
CVSSv3
CVE-2020-21325
An issue in WUZHI CMS v.4.1.0 allows a remote malicious user to execute arbitrary code via the set_chache method of the function\common.func.php file.
Wuzhicms Wuzhicms 4.1.0
4.3
CVSSv3
CVE-2020-21590
Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows malicious users to list files in arbitrary directories via the dir parameter.
Wuzhicms Wuzhicms 4.1.0
8.8
CVSSv3
CVE-2018-9926
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add an admin account via index.php?m=core&f=power&v=add.
Wuzhicms Wuzhicms 4.1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-9927
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a user account via index.php?m=member&f=index&v=add.
Wuzhicms Wuzhicms 4.1.0
5.4
CVSSv3
CVE-2023-30123
wuzhicms v4.1.0 is vulnerable to Cross Site Scripting (XSS) in the Member Center, Account Settings.
Wuzhicms Wuzhicms 4.1.0
6.1
CVSSv3
CVE-2020-19915
Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2018-20572
WUZHI CMS 4.1.0 allows coreframe/app/coupon/admin/copyfrom.php SQL injection via the index.php?m=promote&f=index&v=search keywords parameter, a related issue to CVE-2018-15893.
Wuzhicms Wuzhicms 4.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »