Wuzhi Cms Project Wuzhi Cms — known CVE vulnerabilities
Every CVE whose affected-product data names Wuzhi Cms Project Wuzhi Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2018-14515 — CVSS 9.8 (critical): A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the…
CVE-2018-15893 — CVSS 9.8 (critical): A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the index.php?m=core&f=copyfrom&v=listing…
CVE-2018-17852 — CVSS 9.8 (critical): A SQL injection was discovered in WUZHI CMS 4.1.0 in coreframe/app/coupon/admin/card.php via the groupname parameter to the…
CVE-2018-15894 — CVSS 9.8 (critical): A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via the index.php?m=pay&f=index&v=listing…
CVE-2018-14513 — CVSS 6.1 (medium): An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script…
CVE-2018-18939 — CVSS 4.8 (medium): An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via a seventh input field.