Page 2 of 33 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.php. Wuzhi CMS versión v4.1, contiene una vulnerabilidad de inyección SQL en la función checktitle() en el archivo /coreframe/app/content/admin/content.php • https://github.com/SuperSalsa20/WUZHICMS-SQL-Injection/blob/master/README.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I want to ask" "detailed description" field under the index.php?m=member URI. WUZHI CMS, en su versión 4.1.0, tiene Cross-Site Scripting (XSS) persistente mediante los campos "Membership Center", "I want to ask" y "detailed description" en el URI index.php?m=member. • https://github.com/wuzhicms/wuzhicms/issues/153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

WUZHI CMS 4.1.0 has stored XSS via the "Extension module" "SMS in station" field under the index.php?m=core URI. WUZHI CMS, en su versión 4.1.0, tiene Cross-Site Scripting (XSS) persistente mediante los campos "Extension module" y "SMS in station" en el URI index.php?m=core. • https://github.com/wuzhicms/wuzhicms/issues/154 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

XSS exists in WUZHI CMS 4.1.0 via index.php?m=attachment&f=imagecut&v=init&imgurl=[XSS] to coreframe/app/attachment/imagecut.php. Existe Cross-Site Scripting (XSS) en WUZHI CMS 4.1.0 mediante index.php?m=attachmentf=imagecutv=initimgurl=[XSS] en coreframe/app/attachment/imagecut.php. • https://gist.github.com/redeye5/ccbbc43330cc9821062249b78c916317 https://github.com/wuzhicms/wuzhicms/issues/169 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

XSS exists in WUZHI CMS 4.1.0 via index.php?m=content&f=postinfo&v=listing&set_iframe=[XSS] to coreframe/app/content/postinfo.php. Existe Cross-Site Scripting (XSS) en WUZHI CMS 4.1.0 mediante index.php?m=contentf=postinfov=listingset_iframe=[XSS] en coreframe/app/content/postinfo.php. • https://gist.github.com/redeye5/470708bd27ed115b29d0434255b9f7a0 https://github.com/wuzhicms/wuzhicms/issues/170 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •