Vulnerabilities > Wuzhicms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-30 | CVE-2024-10505 | Code Injection vulnerability in Wuzhicms 4.1.0 A vulnerability was found in wuzhicms 4.1.0. | 7.2 |
| 2023-08-11 | CVE-2020-36037 | Unspecified vulnerability in Wuzhicms 4.1.0 An issue was disocvered in wuzhicms version 4.1.0, allows remote attackers to execte arbitrary code via the setting parameter to the ueditor in index.php. | 8.8 |
| 2023-06-20 | CVE-2020-21325 | Unrestricted Upload of File with Dangerous Type vulnerability in Wuzhicms 4.1.0 An issue in WUZHI CMS v.4.1.0 allows a remote attacker to execute arbitrary code via the set_chache method of the function\common.func.php file. | 8.8 |
| 2021-10-12 | CVE-2020-28145 | Exposure of Resource to Wrong Sphere vulnerability in Wuzhicms 4.0.1 Arbitrary file deletion vulnerability was discovered in wuzhicms v 4.0.1 via coreframe\app\attachment\admin\index.php, which allows attackers to access sensitive information. | 7.5 |
| 2021-09-28 | CVE-2020-20124 | Code Injection vulnerability in Wuzhicms Wuzhi CMS 4.1.0 Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php. | 8.8 |
| 2021-09-27 | CVE-2020-24930 | Unspecified vulnerability in Wuzhicms 4.1.0 Beijing Wuzhi Internet Technology Co., Ltd. | 8.1 |
| 2021-09-21 | CVE-2020-19551 | Incorrect Authorization vulnerability in Wuzhicms Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong. | 8.8 |
| 2021-08-20 | CVE-2020-18877 | SQL Injection vulnerability in Wuzhicms 4.1.0 SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to obtain sensitive information via the 'flag' parameter in the component '/coreframe/app/order/admin/index.php'. | 7.5 |
| 2018-10-29 | CVE-2018-18712 | Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0 An issue was discovered in WUZHI CMS 4.1.0. | 8.8 |
| 2018-10-29 | CVE-2018-18711 | Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0 An issue was discovered in WUZHI CMS 4.1.0. | 8.8 |