2 matches found
CVE-2023-51154
CVE-2023-51154 affects Jizhicms v2.5 via /admin/c/PluginsController.php, enabling arbitrary file download. Reported CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8, CRITICAL). Connected sources confirm the vulnerable component and high impact; exploitation details are not provided in the prima...
CVE-2023-51154
Jizhicms v2.5 was discovered to contain an arbitrary file download vulnerability via the component /admin/c/PluginsController.php...