Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.4 views

PT-2026-35148

A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now publ...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

JIZHICMS 安全漏洞

JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. Version 2.5.4 of JIZHICMS contains a security vulnerability, which stems from the product’s editing module being vulnerable to SQL injection attacks...

9.8CVSS5.9AI score0.00359EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.8 views

JIZHICMS 安全漏洞

JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. JIZHICMS versions 2.5.6 and earlier contained security vulnerabilities. These vulnerabilities were caused by insufficient input cleaning in the publish function of the app/home/c/UserController.php file,...

5.4CVSS5.7AI score0.00165EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.14 views

JIZHICMS(极致CMS) 安全漏洞

JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. Version 2.5.6 of JIZHICMS contains a security vulnerability. This vulnerability arises from the lack of validation for the data parameters in functions like Article/deleteAll and Extmolds/deleteAll, whic...

7.2CVSS5.9AI score0.00311EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/23 12:0 a.m.4 views

JIZHICMS 安全漏洞

JIZHICMS Jizhi CMS is an open source content management system CMS from the Chinese company Jizhi JIZHI. A security vulnerability exists in JIZHICMS version 1.7.0 and prior versions, which stems from improper authorization...

5.3CVSS4.8AI score0.00389EPSS
Exploits1References5
OSV
OSV
added 2023/05/19 1:15 p.m.3 views

CVE-2023-31862

jizhicms v2.4.6 is vulnerable to Cross Site Scripting XSS. The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the reque...

5.4CVSS6.1AI score0.00343EPSS
Exploits1References1
Rows per page
Query Builder