Vulnerabilities > Tuzicms

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-26	CVE-2022-46999	SQL Injection vulnerability in Tuzicms 2.0.6 Tuzicms v2.0.6 was discovered to contain a SQL injection vulnerability via the component \App\Manage\Controller\UserController.class.php. network low complexity tuzicms CWE-89 critical	9.8
2022-03-28	CVE-2022-23882	SQL Injection vulnerability in Tuzicms 2.0.6 TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php. network low complexity tuzicms CWE-89	7.5
2019-09-21	CVE-2019-16659	Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6 TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF. network tuzicms CWE-352	6.8
2019-09-21	CVE-2019-16658	Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6 TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF. network tuzicms CWE-352	6.8
2019-09-21	CVE-2019-16657	Cross-site Scripting vulnerability in Tuzicms 2.0.6 TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/. network tuzicms CWE-79	4.3
2019-09-20	CVE-2019-16644	SQL Injection vulnerability in Tuzicms 2.0.6 App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring. network low complexity tuzicms CWE-89	7.5
2018-04-17	CVE-2018-10185	Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6 An issue was discovered in TuziCMS v2.0.6. network tuzicms CWE-352	6.8

Vulnerabilities > Tuzicms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Tuzicms"}]}