CVE-2026-3292

🗓️ 27 Feb 2026 05:02:06Reported by VulDBType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 14 Views

CVE-2026-3292: jizhiCMS findAll in Batch Model.php allows remote SQL injection.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-3292	27 Feb 202605:02	–	attackerkb
CNNVD	JIZHICMS SQL注入漏洞	27 Feb 202600:00	–	cnnvd
Cvelist	CVE-2026-3292 jizhiCMS Batch Model.php findAll sql injection	27 Feb 202605:02	–	cvelist
EUVD	EUVD-2026-9001	27 Feb 202606:31	–	euvd
NVD	CVE-2026-3292	27 Feb 202605:18	–	nvd
Positive Technologies	PT-2026-22299	27 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-3292	28 Feb 202607:47	–	redhatcve
Vulnrichment	CVE-2026-3292 jizhiCMS Batch Model.php findAll sql injection	27 Feb 202605:02	–	vulnrichment

NVD

Vulners

Node

jizhicms jizhicmsRange≤2.5.6

[
  {
    "vendor": "n/a",
    "product": "jizhiCMS",
    "versions": [
      {
        "version": "2.5.0",
        "status": "affected"
      },
      {
        "version": "2.5.1",
        "status": "affected"
      },
      {
        "version": "2.5.2",
        "status": "affected"
      },
      {
        "version": "2.5.3",
        "status": "affected"
      },
      {
        "version": "2.5.4",
        "status": "affected"
      },
      {
        "version": "2.5.5",
        "status": "affected"
      },
      {
        "version": "2.5.6",
        "status": "affected"
      }
    ],
    "cpes": [
      "cpe:2.3:a:jizhicms:jizhicms:*:*:*:*:*:*:*:*"
    ],
    "modules": [
      "Batch Interface"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
gist	www.gist.github.com/0psPwn/46468da7329f7c676c737b4b6b473ddc
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

17 Jun 2026 10:43Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.3 - 8.8

CVSS 45.3

CVSS 26.5

CVSS 36.3

EPSS0.00444

SSVC