Vulnerabilities > Wuzhicms > Wuzhi CMS > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-28 CVE-2020-20124 Code Injection vulnerability in Wuzhicms Wuzhi CMS 4.1.0
Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php.
network
low complexity
wuzhicms CWE-94
8.8
2018-10-29 CVE-2018-18712 Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0
An issue was discovered in WUZHI CMS 4.1.0.
network
low complexity
wuzhicms CWE-352
8.8
2018-10-29 CVE-2018-18711 Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0
An issue was discovered in WUZHI CMS 4.1.0.
network
low complexity
wuzhicms CWE-352
8.8
2018-05-26 CVE-2018-11493 Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0
An issue was discovered in WUZHI CMS 4.1.0.
network
low complexity
wuzhicms CWE-352
8.8
2018-04-24 CVE-2018-10312 Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0
index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member.
network
low complexity
wuzhicms CWE-352
8.8