CVE-2023-27235

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file...

CVE-2023-27234

A Cross-Site Request Forgery CSRF in /Sys/index.html of Jizhicms v2.4.5 allows attackers to arbitrarily make configuration changes within the application...

CVE-2023-27234

A Cross-Site Request Forgery CSRF in /Sys/index.html of Jizhicms v2.4.5 allows attackers to arbitrarily make configuration changes within the application...

Privilege escalation

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file...

CVE-2023-27234

A Cross-Site Request Forgery CSRF in /Sys/index.html of Jizhicms v2.4.5 allows attackers to arbitrarily make configuration changes within the application...

CVE-2023-27234

A Cross-Site Request Forgery CSRF in /Sys/index.html of Jizhicms v2.4.5 allows attackers to arbitrarily make configuration changes within the application...

JIZHICMS 代码问题漏洞

Extreme Networks Technology JIZHICMS Extreme CMS is an open source content management system CMS from China's Extreme Networks Technology. A security vulnerability exists in JIZHICMS version v2.4.5, which originates from the admincCommonController.php component that allows an attacker to execute...

CVE-2023-27235

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file...

CVE-2021-27375

Traefik before 2.4.5 allows the loading of IFRAME elements from other domains...