Vulnerabilities (CVE)

Filtered by vendor Wuzhi Cms Project Subscribe

Filtered by product Wuzhi Cms

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-17852	1 Wuzhi Cms Project	1 Wuzhi Cms	2018-11-21	7.5 HIGH	9.8 CRITICAL
A SQL injection was discovered in WUZHI CMS 4.1.0 in coreframe/app/coupon/admin/card.php via the groupname parameter to the /index.php?m=coupon&f=card&v=detail_listing URI.
CVE-2018-15893	1 Wuzhi Cms Project	1 Wuzhi Cms	2018-10-23	7.5 HIGH	9.8 CRITICAL
A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the index.php?m=core&f=copyfrom&v=listing keywords parameter.
CVE-2018-15894	1 Wuzhi Cms Project	1 Wuzhi Cms	2018-10-23	7.5 HIGH	9.8 CRITICAL
A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via the index.php?m=pay&f=index&v=listing keyValue parameter.
CVE-2018-14515	1 Wuzhi Cms Project	1 Wuzhi Cms	2018-09-14	7.5 HIGH	9.8 CRITICAL
A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter.