14 matches found
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
EUVD-2025-209568
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
CVE-2025-50229
CVE-2025-50229 affects Jizhicms v2.5.4 with a SQL injection vulnerability in the product editing module. The CVSS 3.1 vector indicates high impact on confidentiality, integrity, and availability (base score 9.8; network, low attack complexity, no privileges required, no user interaction). The con...
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
JIZHICMS 安全漏洞
JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. Version 2.5.4 of JIZHICMS contains a security vulnerability, which stems from the product’s editing module being vulnerable to SQL injection attacks...
CVE-2026-31313
An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Content field...
Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module
An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Content field...
Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module
An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...
EUVD-2026-19275
An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...
CVE-2026-31351
An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...
PT-2026-30652
An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...
PT-2026-7807
This module allows content to be edited in-place. The module doesn't sufficiently sanitize certain image-related values during the editing process leading to a persistent Cross-site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission to...