Known Vulnerabilities for Wuzhi Cms by Wuzhicms
Listed below are 10 of the newest known vulnerabilities associated with "Wuzhi Cms" by "Wuzhicms".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-31860 json | Wuzhi CMS v3.1.2 has a storage type XSS vulnerability in the backend of the Five Finger CMS b2b system. | 5.4 - MEDIUM | 2023-05-23 | 2023-06-21 |
| CVE-2022-27431 json | Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the groupid parameter at /coreframe/app/member/ad... | 9.8 - CRITICAL | 2022-05-04 | 2022-05-11 |
| CVE-2020-20124 json | Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php. | 8.8 - HIGH | 2021-09-28 | 2022-09-14 |
| CVE-2020-20122 json | Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.ph... | 9.8 - CRITICAL | 2021-09-28 | 2021-10-06 |
| CVE-2020-19897 json | A reflected Cross Site Scripting (XSS) in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via... | 6.1 - MEDIUM | 2022-06-28 | 2022-07-07 |
| CVE-2020-19770 json | A cross-site scripting (XSS) vulnerability in the system bulletin component of WUZHI CMS v4.1.0 allows attackers to steal the... | 5.4 - MEDIUM | 2021-12-21 | 2021-12-30 |
| CVE-2019-9110 json | XSS exists in WUZHI CMS 4.1.0 via index.php?m=content&f=postinfo&v=listing&set_iframe=[XSS] to coreframe/app/content/postinfo... | 6.1 - MEDIUM | 2019-02-25 | 2019-02-25 |
| CVE-2019-9109 json | XSS exists in WUZHI CMS 4.1.0 via index.php?m=message&f=message&v=add&username=[XSS] to coreframe/app/message/message.php. | 6.1 - MEDIUM | 2019-02-25 | 2019-02-25 |
| CVE-2019-9107 json | XSS exists in WUZHI CMS 4.1.0 via index.php?m=attachment&f=imagecut&v=init&imgurl=[XSS] to coreframe/app/attachment/imagecut.... | 6.1 - MEDIUM | 2019-02-25 | 2019-02-25 |
| CVE-2018-18938 json | An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via an ontoggle attribute to deta... | 4.8 - MEDIUM | 2018-11-05 | 2018-11-16 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Wuzhicms | Wuzhi Cms | 4.1.0 | |||
| Application | Wuzhicms | Wuzhi Cms | 4.0.0 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.1.3 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.1.2 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.1.1 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.1.0.2 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.1.0.1 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.1.0 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.0.4.0 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.0.4 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.0.3.0 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.0.3 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.0.1 | |||
| Application | Wuzhicms | Wuzhi Cms | 3.0.0 | |||
| Application | Wuzhicms | Wuzhi Cms | 2.1.7 | |||
| Application | Wuzhicms | Wuzhi Cms | 2.1.6 | |||
| Application | Wuzhicms | Wuzhi Cms | 2.1.3 | |||
| Application | Wuzhicms | Wuzhi Cms | 2.1.2 | |||
| Application | Wuzhicms | Wuzhi Cms | 2.0.5 | |||
| Application | Wuzhicms | Wuzhi Cms | 2.0.4 |