Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
WuzhicmsWuzhicms

57 matches found

CVE
CVEadded 2021/09/20 7:15 p.m.28 views

CVE-2020-19915

Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php.

6.1CVSS6.1AI score0.00328EPSS
CVE
CVEadded 2021/09/28 11:15 p.m.28 views

CVE-2020-20122

Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.php.

9.8CVSS9.7AI score0.00264EPSS
CVE
CVEadded 2018/06/05 12:29 p.m.26 views

CVE-2018-11722

WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.

9.8CVSS9.8AI score0.00264EPSS
CVE
CVEadded 2018/07/20 4:29 p.m.26 views

CVE-2018-14472

An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection.

7.2CVSS7.4AI score0.00576EPSS
CVE
CVEadded 2021/09/21 7:15 p.m.26 views

CVE-2020-19551

Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong.

8.8CVSS8.8AI score0.00903EPSS
CVE
CVEadded 2021/09/21 7:15 p.m.25 views

CVE-2020-19553

Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php.

5.4CVSS5.2AI score0.00206EPSS
CVE
CVEadded 2023/06/20 3:15 p.m.24 views

CVE-2020-20413

SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle() function in admin/content.php.

9.8CVSS9.8AI score0.00584EPSS
Total number of security vulnerabilities57