Vulnerabilities > Jizhicms > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-04 | CVE-2023-51154 | Unspecified vulnerability in Jizhicms 2.5.0 Jizhicms v2.5 was discovered to contain an arbitrary file download vulnerability via the component /admin/c/PluginsController.php. | 9.8 |
| 2023-05-27 | CVE-2023-2927 | Unspecified vulnerability in Jizhicms 2.4.5 A vulnerability was found in JIZHICMS 2.4.5. | 9.8 |
| 2023-02-03 | CVE-2021-36484 | SQL Injection vulnerability in Jizhicms 1.9.5 SQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to run arbitrary SQL commands via add or edit article page. | 9.8 |
| 2022-08-19 | CVE-2022-36578 | SQL Injection vulnerability in Jizhicms 2.3.1 jizhicms v2.3.1 has SQL injection in the background. | 9.8 |
| 2022-06-09 | CVE-2022-31390 | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 2.2.5 Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Update function in app/admin/c/TemplateController.php. | 9.1 |
| 2022-06-09 | CVE-2022-31393 | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 2.2.5 Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Index function in app/admin/c/PluginsController.php. | 9.1 |
| 2022-04-25 | CVE-2022-27429 | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 1.9.5 Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html. | 9.8 |