Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jizhicms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-51154
Jizhicms v2.5 exists to contain an arbitrary file download vulnerability via the component /admin/c/PluginsController.php.
Jizhicms Jizhicms 2.5.0
9.8
CVSSv3
CVE-2023-2927
A vulnerability was found in JIZHICMS 2.4.5. It has been classified as critical. Affected is the function index of the file TemplateController.php. The manipulation of the argument webapi leads to server-side request forgery. It is possible to launch the attack remotely. The expl...
Jizhicms Jizhicms 2.4.5
9.8
CVSSv3
CVE-2021-36484
SQL injection vulnerability in JIZHICMS 1.9.5 allows malicious users to run arbitrary SQL commands via add or edit article page.
Jizhicms Jizhicms 1.9.5
9.8
CVSSv3
CVE-2022-36578
jizhicms v2.3.1 has SQL injection in the background.
Jizhicms Jizhicms 2.3.1
9.8
CVSSv3
CVE-2022-27429
Jizhicms v1.9.5 exists to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html.
Jizhicms Jizhicms 1.9.5
9.1
CVSSv3
CVE-2022-31390
Jizhicms v2.2.5 exists to contain a Server-Side Request Forgery (SSRF) vulnerability via the Update function in app/admin/c/TemplateController.php.
Jizhicms Jizhicms 2.2.5
9.1
CVSSv3
CVE-2022-31393
Jizhicms v2.2.5 exists to contain a Server-Side Request Forgery (SSRF) vulnerability via the Index function in app/admin/c/PluginsController.php.
Jizhicms Jizhicms 2.2.5
8.8
CVSSv3
CVE-2023-50692
File Upload vulnerability in JIZHICMS v.2.5, allows remote malicious user to execute arbitrary code via a crafted file uploaded and downloaded to the download_url parameter in the app/admin/exts/ directory.
Jizhicms Jizhicms 2.5
8.8
CVSSv3
CVE-2022-45278
Jizhicms v2.3.3 exists to contain a SQL injection vulnerability via the /index.php/admins/Fields/get_fields.html component.
Jizhicms Jizhicms 2.3.3
8.8
CVSSv3
CVE-2022-44140
Jizhicms v2.3.3 exists to contain a SQL injection vulnerability via the /Member/memberedit.html component.
Jizhicms Jizhicms 2.3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »