Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wuzhicms wuzhicms vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-19551
Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong.
Wuzhicms Wuzhicms
5.4
CVSSv3
CVE-2020-19553
Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php.
Wuzhicms Wuzhicms
9.8
CVSSv3
CVE-2021-40669
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords parameter under the coreframe/app/promote/admin/index.php file.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2021-40670
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2021-40674
An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.
Wuzhicms Wuzhicms 4.1.0
7.2
CVSSv3
CVE-2018-14472
An issue exists in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2018-11722
WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.
Wuzhicms Wuzhicms 4.1.0
5.4
CVSSv3
CVE-2023-30123
wuzhicms v4.1.0 is vulnerable to Cross Site Scripting (XSS) in the Member Center, Account Settings.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2021-41654
SQL injection vulnerabilities exist in Wuzhicms v4.1.0 which allows malicious users to execute arbitrary SQL commands via the $keyValue parameter in /coreframe/app/pay/admin/index.php
Wuzhicms Wuzhicms 4.1.0
8.8
CVSSv3
CVE-2020-21325
An issue in WUZHI CMS v.4.1.0 allows a remote malicious user to execute arbitrary code via the set_chache method of the function\common.func.php file.
Wuzhicms Wuzhicms 4.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »