Lucene search
K

17 matches found

Vulnrichment
Vulnrichment
added 2026/02/17 12:0 a.m.5 views

CVE-2025-70397

jizhicms 2.5.6 is vulnerable to SQL Injection in Article/deleteAll and Extmolds/deleteAll via the data parameter...

5.9AI score0.00311EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:54 a.m.9 views

CVE-2020-23643

XSS exists in JIZHICMS 1.7.1 via index.php/Wechat/checkWeixin?signature=1=XSS to Home/c/WechatController.php...

6.1CVSS6AI score0.00692EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.5 views

CVE-2022-27429

Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via /admin.php/Plugins/update.html...

9.8CVSS7.4AI score0.011EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-39283

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00789EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-47090

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.0072EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-48178

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0072EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:0 a.m.10 views

CVE-2023-51154

Jizhicms v2.5 was discovered to contain an arbitrary file download vulnerability via the component /admin/c/PluginsController.php...

9.8CVSS7.5AI score0.00612EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:25 a.m.6 views

CVE-2023-43836

There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information...

6.5CVSS7.7AI score0.00604EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 3:47 a.m.10 views

CVE-2023-31862

jizhicms v2.4.6 is vulnerable to Cross Site Scripting XSS. The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the reque...

5.4CVSS6.4AI score0.00343EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:20 a.m.11 views

CVE-2022-45278

Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/getfields.html component...

8.8CVSS8.3AI score0.0072EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:4 a.m.8 views

CVE-2022-44140

Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /Member/memberedit.html component...

8.8CVSS8.3AI score0.0072EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.3 views

PT-2024-25772 · Jizhicms · Jizhicms

Name of the Vulnerable Software and Affected Versions: jizhicms version 2.5.1 Description: The issue is related to a Cross-Site Scripting XSS vulnerability in the message function. This vulnerability allows for the injection of malicious scripts. To prevent exploitation, it is recommended to...

6.1CVSS5.7AI score0.00261EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2023/12/28 12:0 a.m.6 views

CVE-2023-50692

File Upload vulnerability in JIZHICMS v.2.5, allows remote attacker to execute arbitrary code via a crafted file uploaded and downloaded to the downloadurl parameter in the app/admin/exts/ directory...

8.8AI score0.00938EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/05/19 12:0 a.m.2 views

PT-2023-23496 · Jizhicms · Jizhicms

Name of the Vulnerable Software and Affected Versions: jizhicms version 2.4.6 Description: The issue allows attackers to publish an article containing malicious JavaScript scripts by modifying the request package, as the content of the article published in the front end is only filtered in the...

5.4CVSS5.5AI score0.00343EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/02/03 12:0 a.m.7 views

CVE-2021-36484

SQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to run arbitrary SQL commands via add or edit article page...

8.4AI score0.0085EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.8 views

CVE-2022-45278

Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/getfields.html component...

8.2AI score0.0072EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/06/09 2:15 p.m.5 views

CVE-2022-31393

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Index function in app/admin/c/PluginsController.php...

9.1CVSS7.3AI score0.00977EPSS
Exploits1References2
Rows per page
Query Builder