Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jizhicms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34255
jizhicms v2.5.1 contains a Cross-Site Scripting(XSS) vulnerability in the message function.
NA
CVE-2024-33338
Cross Site Scripting vulnerability in jizhicms v.2.5.4 allows a remote malicious user to obtain sensitive information via a crafted article publication request.
NA
CVE-2024-32161
jizhiCMS 2.5 suffers from a File upload vulnerability.
9.8
CVSSv3
CVE-2023-51154
Jizhicms v2.5 exists to contain an arbitrary file download vulnerability via the component /admin/c/PluginsController.php.
Jizhicms Jizhicms 2.5.0
8.8
CVSSv3
CVE-2023-50692
File Upload vulnerability in JIZHICMS v.2.5, allows remote malicious user to execute arbitrary code via a crafted file uploaded and downloaded to the download_url parameter in the app/admin/exts/ directory.
Jizhicms Jizhicms 2.5
6.5
CVSSv3
CVE-2023-43836
There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information
Jizhicms Jizhicms 2.4.9
7.2
CVSSv3
CVE-2023-38948
An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1.9.5 allows malicious users to execute arbitrary code via downloading a crafted plugin.
Jizhicms Jizhicms 1.9.5
9.8
CVSSv3
CVE-2023-2927
A vulnerability was found in JIZHICMS 2.4.5. It has been classified as critical. Affected is the function index of the file TemplateController.php. The manipulation of the argument webapi leads to server-side request forgery. It is possible to launch the attack remotely. The expl...
Jizhicms Jizhicms 2.4.5
5.4
CVSSv3
CVE-2023-31862
jizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows malicious users to publish an article containing malicious JavaScript scrip...
Jizhicms Jizhicms 2.4.6
7.2
CVSSv3
CVE-2023-27235
An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows malicious users to execute arbitrary code via a crafted phtml file.
Jizhicms Jizhicms 2.4.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »