44 matches found
JIZHICMS 注入漏洞
JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. Versions of JIZHICMS 2.5.6 and earlier had a vulnerability related to SQL injection. This vulnerability stemmed from improper handling of parameters in the htmlspecialcharsdecode function located at...
CVE-2023-50692
File Upload vulnerability in JIZHICMS v.2.5, allows remote attacker to execute arbitrary code via a crafted file uploaded and downloaded to the downloadurl parameter in the app/admin/exts/ directory...
CVE-2022-31393
Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Index function in app/admin/c/PluginsController.php...
CVE-2022-31390
Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Update function in app/admin/c/TemplateController.php...
EUVD-2019-7921
Malware in sbrugna...
EUVD-2020-16387
Malware in sbrugna...
EUVD-2025-15108
Malicious code in bioql PyPI...
EUVD-2023-34373
Malicious code in bioql PyPI...
EUVD-2023-36152
Malicious code in bioql PyPI...
EUVD-2023-31014
Malicious code in bioql PyPI...
EUVD-2025-7304
Malicious code in bioql PyPI...
EUVD-2022-52905
Malicious code in bioql PyPI...
CVE-2024-33338
Cross Site Scripting vulnerability in jizhicms v.2.5.4 allows a remote attacker to obtain sensitive information via a crafted article publication request...
CVE-2021-36484
SQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to run arbitrary SQL commands via add or edit article page...
CVE-2020-21228
JIZHICMS 1.5.1 contains a cross-site scripting XSS vulnerability in the component /user/release.html, which allows attackers to arbitrarily add an administrator cookie...
CVE-2025-2639
A vulnerability has been found in JIZHICMS up to 1.7.0 and classified as problematic. This vulnerability affects unknown code of the file /user/release.html of the component Article Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has be...
CVE-2025-2638
A vulnerability, which was classified as problematic, was found in JIZHICMS up to 1.7.0. This affects an unknown part of the file /user/release.html of the component Article Handler. The manipulation of the argument ishot with the input 1 leads to improper authorization. It is possible to initiat...
CVE-2025-2637
A vulnerability, which was classified as problematic, has been found in JIZHICMS up to 1.7.0. Affected by this issue is some unknown functionality of the file /user/userinfo.html of the component Account Profile Page. The manipulation of the argument jifen leads to improper authorization. The...
CVE-2025-2639 JIZHICMS Article release.html improper authorization
A vulnerability has been found in JIZHICMS up to 1.7.0 and classified as problematic. This vulnerability affects unknown code of the file /user/release.html of the component Article Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has be...
CVE-2025-2639
CVE-2025-2639 affects JIZHICMS up to version 1.7.0. The vulnerability is located in the Article Handler, specifically the /user/release.html path, and arises from improper authorization in that component. Attacks can be initiated remotely, and public exploit information exists. The reviewed sourc...