Wuzhicms is five fingers (WUZHI) companyβs set of PHP and MySQL based on open source content management system (CMS). A SQL injection vulnerability exists in Wuzhicms version 4.1.0. An attacker can exploit this vulnerability to execute arbitrary code via the checktitle() function.