2 matches found
CVE-2018-11722
WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UCKEY' is hard coded...
CVE-2018-11722
CVE-2018-11722 affects WUZHI CMS 4.1.0 with a SQL Injection in api/uc.php driven by the 'code' parameter due to a hard-coded UC_KEY. The vulnerability is described across multiple datasources as enabling arbitrary SQL commands; CVSS metrics indicate network-level access, low attack complexity, an...