Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wuzhicms wuzhi cms 4.1.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-20124
Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php.
Wuzhicms Wuzhi Cms 4.1.0
6.1
CVSSv3
CVE-2018-14512
An XSS vulnerability exists in WUZHI CMS 4.1.0. There is persistent XSS that allows remote malicious users to inject arbitrary web script or HTML via the form[nickname] parameter to the index.php?m=core&f=set&v=sendmail URI. When the administrator accesses the "syste...
Wuzhicms Wuzhi Cms 4.1.0
8.8
CVSSv3
CVE-2018-18711
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.
Wuzhicms Wuzhi Cms 4.1.0
8.8
CVSSv3
CVE-2018-18712
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.
Wuzhicms Wuzhi Cms 4.1.0
4.8
CVSSv3
CVE-2018-18938
An issue exists in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via an ontoggle attribute to details/open/ within a second input field.
Wuzhicms Wuzhi Cms 4.1.0
8.8
CVSSv3
CVE-2018-9926
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add an admin account via index.php?m=core&f=power&v=add.
Wuzhicms Wuzhicms 4.1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-9927
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a user account via index.php?m=member&f=index&v=add.
Wuzhicms Wuzhicms 4.1.0
8.1
CVSSv3
CVE-2020-24930
Beijing Wuzhi Internet Technology Co., Ltd. Wuzhi CMS 4.0.1 is an open source content management system. The five fingers CMS backend in***.php file has arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Wuzhicms Wuzhicms 4.1.0
6.1
CVSSv3
CVE-2020-19915
Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2021-40674
An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.
Wuzhicms Wuzhicms 4.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »