Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wuzhicms wuzhi cms 4.1.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-52064
Wuzhicms v4.1.0 exists to contain a SQL injection vulnerability via the $keywords parameter at /core/admin/copyfrom.php.
Wuzhicms Wuzhi Cms 4.1.0
9.8
CVSSv3
CVE-2022-27431
Wuzhicms v4.1.0 exists to contain a SQL injection vulnerability via the groupid parameter at /coreframe/app/member/admin/group.php.
Wuzhicms Wuzhi Cms 4.1.0
9.8
CVSSv3
CVE-2020-20122
Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.php.
Wuzhicms Wuzhi Cms 4.1.0
9.8
CVSSv3
CVE-2021-40674
An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2021-40669
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords parameter under the coreframe/app/promote/admin/index.php file.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2021-40670
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2018-20572
WUZHI CMS 4.1.0 allows coreframe/app/coupon/admin/copyfrom.php SQL injection via the index.php?m=promote&f=index&v=search keywords parameter, a related issue to CVE-2018-15893.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2018-11722
WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2018-11528
WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI.
Wuzhicms Wuzhi Cms 4.1.0
8.8
CVSSv3
CVE-2020-21325
An issue in WUZHI CMS v.4.1.0 allows a remote malicious user to execute arbitrary code via the set_chache method of the function\common.func.php file.
Wuzhicms Wuzhicms 4.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »