Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
m-core m-core vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0156
M-Core stores the database under the web document root, which allows remote malicious users to obtain sensitive information via a direct request to db/uyelik.mdb.
M-core M-core
6.1
CVSSv3
CVE-2018-16350
WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic form[statcode] parameter.
Wuzhi Cms Project Wuzhi Cms 4.1.0
5.4
CVSSv3
CVE-2018-17426
WUZHI CMS 4.1.0 has stored XSS via the "Extension module" "SMS in station" field under the index.php?m=core URI.
Wuzhicms Wuzhi Cms 4.1.0
4.8
CVSSv3
CVE-2018-18939
An issue exists in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via a seventh input field.
Wuzhi Cms Project Wuzhi Cms 4.1.0
6.1
CVSSv3
CVE-2019-9108
XSS exists in WUZHI CMS 4.1.0 via index.php?m=core&f=map&v=baidumap&x=[XSS]&y=[XSS] to coreframe/app/core/map.php.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2018-15893
A SQL injection exists in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the index.php?m=core&f=copyfrom&v=listing keywords parameter.
Wuzhi Cms Project Wuzhi Cms 4.1.0
8.8
CVSSv3
CVE-2018-18711
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.
Wuzhicms Wuzhi Cms 4.1.0
4.8
CVSSv3
CVE-2018-18938
An issue exists in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via an ontoggle attribute to details/open/ within a second input field.
Wuzhicms Wuzhi Cms 4.1.0
8.8
CVSSv3
CVE-2018-9926
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add an admin account via index.php?m=core&f=power&v=add.
Wuzhicms Wuzhicms 4.1.0
1 EDB exploit
6.1
CVSSv3
CVE-2018-14512
An XSS vulnerability exists in WUZHI CMS 4.1.0. There is persistent XSS that allows remote malicious users to inject arbitrary web script or HTML via the form[nickname] parameter to the index.php?m=core&f=set&v=sendmail URI. When the administrator accesses the "syste...
Wuzhicms Wuzhi Cms 4.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started