Vulnerabilities > Wuzhicms > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-05 | CVE-2018-11722 | SQL Injection vulnerability in Wuzhicms 4.1.0 WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded. | 9.8 |
| 2018-05-29 | CVE-2018-11528 | SQL Injection vulnerability in Wuzhicms Wuzhi CMS 4.1.0 WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI. | 9.8 |