Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.4 views

CVE-2020-24930

Beijing Wuzhi Internet Technology Co., Ltd. Wuzhi CMS 4.0.1 is an open source content management system. The five fingers CMS backend in.php file has arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files...

8.1CVSS7.2AI score0.01092EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/02/28 12:0 a.m.3 views

WUZHI CMS 安全漏洞

WUZHI CMS is an open source content management system CMS based on PHP and MySQL by Five Fingers WUZHI. A security vulnerability exists in WUZHI CMS version v4.1.0, which originates from cross-site scripting in the del function...

5.4CVSS6AI score0.00218EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/10/30 12:0 a.m.2 views

WUZHI CMS 代码注入漏洞

WUZHI CMS is a PHP and MySQL based open source content management system CMS from WUZHI. A code injection vulnerability exists in WUZHI CMS version 4.1.0, which originates from a code injection in the add or edit function of the file www/coreframe/app/content/admin/block.php...

7.2CVSS6.8AI score0.00677EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/04/03 12:0 a.m.4 views

WUZHI CMS 安全漏洞

WUZHI CMS is an open source content management system CMS based on PHP and MySQL by Five Fingers WUZHI. A security vulnerability exists in WUZHI CMS version 4.1.0, which originated from allowing an attacker to execute arbitrary code and obtain sensitive information via the index.php file...

6.5CVSS7.4AI score0.00673EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/06/20 12:0 a.m.7 views

PT-2023-11582 · Wuzhicms · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: An issue in the software allows a remote attacker to execute arbitrary code via the set chache method of the functioncommon.func.php file. Recommendations: For WUZHI CMS version 4.1.0, consider disabling t...

8.8CVSS8.1AI score0.01263EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/06/20 12:0 a.m.6 views

WUZHI CMS SQL注入漏洞

Wuzhicms is five fingers WUZHI company's set of PHP and MySQL based on open source content management system CMS. A SQL injection vulnerability exists in Wuzhicms version 4.1.0. An attacker can exploit this vulnerability to execute arbitrary code via the checktitle function...

9.8CVSS8.7AI score0.01343EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/21 12:0 a.m.4 views

Wuzhi WUZHI CMS 跨站脚本漏洞

Wuzhi WUZHI CMS is a PHP and MySQL based open source content management system CMS from Wuzhi. A security vulnerability exists in WUZHI CMS 4.1.0 and later, which originates from the coreframe/app/attachment/libs/class/ckditor.class.php configuration function...

5.4CVSS5.8AI score0.00562EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/06/22 12:0 a.m.3 views

Wuzhi CMS 跨站脚本漏洞

WUZHI CMS WUZHI CMS is a high-performance open source content management system , support for the LNAMP architecture , suitable for portals , corporate Web site , mobile site , microblogging promotion. WUZHI CMS version 4.1.0 has a cross-site scripting vulnerability. Remote attackers can use the...

6.1CVSS5.7AI score0.01498EPSS
Exploits1References2
CNVD
CNVD
added 2019/03/08 12:0 a.m.3 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2019-07935)

WUZHI CMS is five fingers WUZHI company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in WUZHI CMS version 4.1.0. An attacker can use the 'Detailed Description' field in the 'I want to ask a question' page to inject arbitrary Web...

5.4CVSS6.2AI score0.00684EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/25 12:0 a.m.3 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2019-05299)

WUZHI CMS is five fingers WUZHI company based on PHP and MySQL open source content management system CMS. WUZHI CMS version 4.1.0 cross-site scripting vulnerability, remote attackers can use the /index.php?m=message&f=message&v=add URL's 'setiframe' parameter to use the vulnerability to inject...

6.1CVSS6.5AI score0.00853EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/06 12:0 a.m.2 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2019-09135)

WUZHI CMS is five fingers WUZHI company based on PHP and MySQL open source content management system CMS. A stored cross-site scripting vulnerability exists in index.php?m=core&f=index in WUZHI CMS 4.1.0, which can be exploited to inject arbitrary web script or HTML via the ontoggle attribute of...

4.8CVSS4.7AI score0.0067EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/27 12:0 a.m.5 views

WUZHI CMS SQL Injection Vulnerability (CNVD-2018-18142)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in the /coreframe/app/admin/pay/admin/index.php file in WUZHI CMS version 4.1.0. A remote attacker can exploit this...

9.8CVSS9.9AI score0.01537EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/07/23 12:0 a.m.5 views

PT-2018-12556 · Wuzhi · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: A persistent XSS issue allows remote attackers to inject arbitrary web script or HTML via the formnickname parameter to the "index.php?m=core&f=set&v=sendmail" API endpoint. The XSS payload is triggered wh...

6.1CVSS5.9AI score0.01085EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2018/05/29 12:0 a.m.5 views

PT-2018-10640 · Wuzhi · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: The issue is related to SQL Injection, which can be exploited via the /api/sms check.php API endpoint with a param variable. Recommendations: For WUZHI CMS version 4.1.0, update to a newer version that...

9.8CVSS9.4AI score0.0155EPSS
Exploits1References4
CNVD
CNVD
added 2018/05/28 12:0 a.m.2 views

WUZHI CMS Cross-Site Request Forgery Vulnerability (CNVD-2018-11227)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site request forgery vulnerability exists in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerability to add links...

8.8CVSS6.9AI score0.0065EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/26 12:0 a.m.4 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2018-08585)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in the content management feature of WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerability to injec...

4.8CVSS6.2AI score0.0067EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/26 12:0 a.m.3 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2018-08584)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in the system announcement feature of the extension module in WUZHI CMS version 4.1.0. A remote attacker can exploit th...

4.8CVSS6.1AI score0.0067EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/04/24 12:0 a.m.6 views

PT-2018-9820 · Wuzhi · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: The issue allows for persistent XSS via the form%5Bqq 10%5D parameter to the "/index.php?m=member&f=index&v=profile&set iframe=1" URI. This enables potential attackers to inject malicious scripts into the...

5.4CVSS5AI score0.02237EPSS
Exploits5References5
Positive Technologies
Positive Technologies
added 2018/04/20 12:0 a.m.4 views

PT-2018-9781 · Wuzhi · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: A CSRF issue allows deletion of any article via the "index.php?m=content&f=content&v=recycle delete" endpoint. Recommendations: For WUZHI CMS version 4.1.0, update to a newer version that contains a fix fo...

6.5CVSS6.3AI score0.00558EPSS
Exploits1References4
Rows per page
Query Builder