Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wuzhicms vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-10221
An issue exists in WUZHI CMS V4.1.0. There is a persistent XSS vulnerability that can steal the administrator cookies via the tag[tag] parameter to the index.php?m=tags&f=index&v=add&&_su=wuzhicms URI. After a website editor (whose privilege is lower than the admi...
Wuzhicms Wuzhicms 4.1.0
6.5
CVSSv2
CVE-2018-14472
An issue exists in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection.
Wuzhicms Wuzhicms 4.1.0
NA
CVE-2023-46482
SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote malicious user to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component.
Wuzhicms Wuzhicms 4.1.0
7.5
CVSSv2
CVE-2018-11722
WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.
Wuzhicms Wuzhicms 4.1.0
NA
CVE-2020-20413
SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote malicious user to execute arbitrary code via the checktitle() function in admin/content.php.
Wuzhicms Wuzhicms 4.1.0
6.5
CVSSv2
CVE-2020-20124
Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php.
Wuzhicms Wuzhi Cms 4.1.0
4.3
CVSSv2
CVE-2018-17832
XSS exists in WUZHI CMS 2.0 via the index.php v or f parameter.
Wuzhicms Wuzhi Cms 2.0
1 EDB exploit
6.8
CVSSv2
CVE-2018-18712
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.
Wuzhicms Wuzhi Cms 4.1.0
3.5
CVSSv2
CVE-2018-17425
WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I want to ask" "detailed description" field under the index.php?m=member URI.
Wuzhicms Wuzhi Cms 4.1.0
6.8
CVSSv2
CVE-2018-18711
An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.
Wuzhicms Wuzhi Cms 4.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »