WUZHI CMS (Five Fingers CMS) is a high-performance open source content management system that supports the LNAMP architecture, suitable for portals, corporate websites, mobile sites, microsoft promotion. WUZHI CMS version 4.1.0 has a SQL injection vulnerability. The attacker can use the keywords parameter in /coreframe/app/order/admin/card.php to conduct SQL injection attacks.