Vulnerabilities (CVE)

Filtered by vendor Wuzhi Cms Project Subscribe

Filtered by product Wuzhi Cms

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-18939	1 Wuzhi Cms Project	1 Wuzhi Cms	2018-11-15	3.5 LOW	4.8 MEDIUM
An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via a seventh input field.
CVE-2018-16349	1 Wuzhi Cms Project	1 Wuzhi Cms	2018-10-23	4.3 MEDIUM	6.1 MEDIUM
WUZHI CMS 4.1.0 has XSS via the index.php?m=link&f=index&v=add form[remark] parameter.
CVE-2018-16350	1 Wuzhi Cms Project	1 Wuzhi Cms	2018-10-23	4.3 MEDIUM	6.1 MEDIUM
WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic form[statcode] parameter.
CVE-2018-14513	1 Wuzhi Cms Project	1 Wuzhi Cms	2018-09-14	4.3 MEDIUM	6.1 MEDIUM
An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the form[content] parameter to the index.php?m=feedback&f=index&v=contact URI.