Vulnerabilities > Wuzhicms > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-10 | CVE-2023-52064 | SQL Injection vulnerability in Wuzhicms Wuzhi CMS 4.1.0 Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the $keywords parameter at /core/admin/copyfrom.php. | 9.8 |
| 2023-11-01 | CVE-2023-46482 | SQL Injection vulnerability in Wuzhicms 4.1.0 SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component. | 9.8 |
| 2023-06-20 | CVE-2020-20413 | SQL Injection vulnerability in Wuzhicms 4.1.0 SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle() function in admin/content.php. | 9.8 |