Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wuzhi cms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-11549
An issue exists in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number, as demonstrated by a form[qq_10]= substring.
Wuzhicms Wuzhi Cms 4.1.0
9.8
CVSSv3
CVE-2018-11528
WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI.
Wuzhicms Wuzhi Cms 4.1.0
8.8
CVSSv3
CVE-2018-11493
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a friendship link via index.php?m=link&f=index&v=add.
Wuzhicms Wuzhi Cms 4.1.0
4.8
CVSSv3
CVE-2018-10391
An issue exists in WUZHI CMS 4.1.0. There is XSS via the email parameter to the index.php?m=member&v=register URI.
Wuzhicms Wuzhi Cms 4.1.0
4.8
CVSSv3
CVE-2018-10367
An issue exists in WUZHI CMS 4.1.0. The content-management feature has Stored XSS via the title or content section.
Wuzhicms Wuzhi Cms 4.1.0
4.8
CVSSv3
CVE-2018-10368
An issue exists in WUZHI CMS 4.1.0. The "Extension Module -> System Announcement" feature has Stored XSS via an announcement.
Wuzhicms Wuzhi Cms 4.1.0
6.1
CVSSv3
CVE-2018-10311
A vulnerability exists in WUZHI CMS 4.1.0. There is persistent XSS that allows remote malicious users to inject arbitrary web script or HTML via the tag[pinyin] parameter to the /index.php?m=tags&f=index&v=add URI.
Wuzhicms Wuzhi Cms 4.1.0
1 EDB exploit
5.4
CVSSv3
CVE-2018-10313
WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D parameter to the /index.php?m=member&f=index&v=profile&set_iframe=1 URI.
Wuzhicms Wuzhi Cms 4.1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-10312
index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member.
Wuzhicms Wuzhi Cms 4.1.0
1 EDB exploit
6.5
CVSSv3
CVE-2018-10248
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can delete any article via index.php?m=content&f=content&v=recycle_delete.
Wuzhicms Wuzhi Cms 4.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »