Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wuzhicms vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-18877
SQL Injection in Wuzhi CMS v4.1.0 allows remote malicious users to obtain sensitive information via the 'flag' parameter in the component '/coreframe/app/order/admin/index.php'.
Wuzhicms Wuzhicms 4.1.0
7.5
CVSSv2
CVE-2021-40669
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords parameter under the coreframe/app/promote/admin/index.php file.
Wuzhicms Wuzhicms 4.1.0
7.5
CVSSv2
CVE-2021-40674
An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.
Wuzhicms Wuzhicms 4.1.0
NA
CVE-2020-36037
An issue was disocvered in wuzhicms version 4.1.0, allows remote malicious users to execte arbitrary code via the setting parameter to the ueditor in index.php.
Wuzhicms Wuzhicms 4.1.0
5
CVSSv2
CVE-2020-28145
Arbitrary file deletion vulnerability exists in wuzhicms v 4.0.1 via coreframe\app\attachment\admin\index.php, which allows malicious users to access sensitive information.
Wuzhicms Wuzhicms 4.0.1
7.5
CVSSv2
CVE-2018-11722
WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.
Wuzhicms Wuzhicms 4.1.0
NA
CVE-2022-36168
A directory traversal vulnerability exists in Wuzhicms 4.1.0. via /coreframe/app/attachment/admin/index.php:
Wuzhicms Wuzhicms 4.1.0
7.5
CVSSv2
CVE-2021-40670
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file.
Wuzhicms Wuzhicms 4.1.0
6.8
CVSSv2
CVE-2018-9926
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add an admin account via index.php?m=core&f=power&v=add.
Wuzhicms Wuzhicms 4.1.0
1 EDB exploit
6.8
CVSSv2
CVE-2018-9927
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a user account via index.php?m=member&f=index&v=add.
Wuzhicms Wuzhicms 4.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »