321 matches found
CVE-2026-6978
A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialcharsdecode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-6978
A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialcharsdecode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
EUVD-2026-25654
A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialcharsdecode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-6978 JiZhiCMS addcache.html htmlspecialchars_decode sql injection
A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialcharsdecode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-6978
A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialcharsdecode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-6978
CVE-2026-6978 affects JiZhiCMS versions up to 2.5.6. The vulnerability is in the htmlspecialchars_decode usage in /index.php/admins/Sys/addcache.html, where manipulation of the sqls parameter enables SQL injection. The flaw allows remote exploitation, and the exploit is publicly available. The ve...
JIZHICMS 注入漏洞
JIZHICMS is an open-source content management system developed by JIZHI Corporation in China. Versions of JIZHICMS 2.5.6 and earlier had a vulnerability related to SQL injection. This vulnerability stemmed from improper handling of parameters in the htmlspecialcharsdecode function located at...
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
EUVD-2025-209568
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
CVE-2025-50229
CVE-2025-50229 affects Jizhicms v2.5.4 with a SQL injection vulnerability in the product editing module. The CVSS 3.1 vector indicates high impact on confidentiality, integrity, and availability (base score 9.8; network, low attack complexity, no privileges required, no user interaction). The con...
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
PT-2026-34666
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module...
CVE-2025-50228
Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...
EUVD-2025-209380
Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...
CVE-2025-50228
Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...
PT-2026-31615
Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...
CVE-2025-50228
Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...