Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wuzhicms wuzhicms vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-19551
Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong.
Wuzhicms Wuzhicms
5.4
CVSSv3
CVE-2020-19553
Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php.
Wuzhicms Wuzhicms
9.8
CVSSv3
CVE-2018-20572
WUZHI CMS 4.1.0 allows coreframe/app/coupon/admin/copyfrom.php SQL injection via the index.php?m=promote&f=index&v=search keywords parameter, a related issue to CVE-2018-15893.
Wuzhicms Wuzhicms 4.1.0
8.8
CVSSv3
CVE-2020-21325
An issue in WUZHI CMS v.4.1.0 allows a remote malicious user to execute arbitrary code via the set_chache method of the function\common.func.php file.
Wuzhicms Wuzhicms 4.1.0
2.7
CVSSv3
CVE-2022-36168
A directory traversal vulnerability exists in Wuzhicms 4.1.0. via /coreframe/app/attachment/admin/index.php:
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2018-11722
WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.
Wuzhicms Wuzhicms 4.1.0
6.1
CVSSv3
CVE-2020-19915
Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php.
Wuzhicms Wuzhicms 4.1.0
7.5
CVSSv3
CVE-2020-28145
Arbitrary file deletion vulnerability exists in wuzhicms v 4.0.1 via coreframe\app\attachment\admin\index.php, which allows malicious users to access sensitive information.
Wuzhicms Wuzhicms 4.0.1
5.4
CVSSv3
CVE-2023-30123
wuzhicms v4.1.0 is vulnerable to Cross Site Scripting (XSS) in the Member Center, Account Settings.
Wuzhicms Wuzhicms 4.1.0
6.1
CVSSv3
CVE-2019-9108
XSS exists in WUZHI CMS 4.1.0 via index.php?m=core&f=map&v=baidumap&x=[XSS]&y=[XSS] to coreframe/app/core/map.php.
Wuzhicms Wuzhicms 4.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »