Known Vulnerabilities for JizhiCMS by Na
Listed below are 8 of the newest known vulnerabilities associated with "JizhiCMS" by "Na".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-6978 json | A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the fil... | Not Provided | 2026-04-25 | 2026-04-27 |
| CVE-2025-70397 json | jizhicms 2.5.6 is vulnerable to SQL Injection in Article/deleteAll and Extmolds/deleteAll via the data parameter. | Not Provided | 2026-02-17 | 2026-07-05 |
| CVE-2025-50229 json | Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module. | Not Provided | 2026-04-23 | 2026-04-24 |
| CVE-2025-50228 json | Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules. | Not Provided | 2026-04-09 | 2026-04-14 |
| CVE-2025-25785 json | JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component \c\PluginsController.php. Th... | Not Provided | 2025-02-26 | 2026-07-05 |
| CVE-2025-25784 json | An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to exec... | Not Provided | 2025-02-26 | 2026-07-05 |
| CVE-2024-32161 json | jizhiCMS 2.5 suffers from a File upload vulnerability. | Not Provided | 2024-04-17 | 2026-07-05 |
| CVE-2020-21228 json | JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.html, which allows attacker... | Not Provided | 2021-10-01 | 2026-07-04 |