CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17426
https://notcve.org/view.php?id=CVE-2018-17426
WUZHI CMS 4.1.0 has stored XSS via the "Extension module" "SMS in station" field under the index.php?m=core URI. WUZHI CMS, en su versión 4.1.0, tiene Cross-Site Scripting (XSS) persistente mediante los campos "Extension module" y "SMS in station" en el URI index.php?m=core. • https://github.com/wuzhicms/wuzhicms/issues/154 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17425
https://notcve.org/view.php?id=CVE-2018-17425
WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I want to ask" "detailed description" field under the index.php?m=member URI. WUZHI CMS, en su versión 4.1.0, tiene Cross-Site Scripting (XSS) persistente mediante los campos "Membership Center", "I want to ask" y "detailed description" en el URI index.php?m=member. • https://github.com/wuzhicms/wuzhicms/issues/153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-9107
https://notcve.org/view.php?id=CVE-2019-9107
XSS exists in WUZHI CMS 4.1.0 via index.php?m=attachment&f=imagecut&v=init&imgurl=[XSS] to coreframe/app/attachment/imagecut.php. Existe Cross-Site Scripting (XSS) en WUZHI CMS 4.1.0 mediante index.php?m=attachmentf=imagecutv=initimgurl=[XSS] en coreframe/app/attachment/imagecut.php. • https://gist.github.com/redeye5/ccbbc43330cc9821062249b78c916317 https://github.com/wuzhicms/wuzhicms/issues/169 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-9110
https://notcve.org/view.php?id=CVE-2019-9110
XSS exists in WUZHI CMS 4.1.0 via index.php?m=content&f=postinfo&v=listing&set_iframe=[XSS] to coreframe/app/content/postinfo.php. Existe Cross-Site Scripting (XSS) en WUZHI CMS 4.1.0 mediante index.php?m=contentf=postinfov=listingset_iframe=[XSS] en coreframe/app/content/postinfo.php. • https://gist.github.com/redeye5/470708bd27ed115b29d0434255b9f7a0 https://github.com/wuzhicms/wuzhicms/issues/170 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-9108
https://notcve.org/view.php?id=CVE-2019-9108
XSS exists in WUZHI CMS 4.1.0 via index.php?m=core&f=map&v=baidumap&x=[XSS]&y=[XSS] to coreframe/app/core/map.php. Existe Cross-Site Scripting (XSS) en WUZHI CMS 4.1.0 mediante index.php?m=coref=mapv=baidumapx=[XSS]y=[XSS] en coreframe/app/core/map.php. • https://gist.github.com/redeye5/ebfef23f0a063b82779151f9cde8e480 https://github.com/wuzhicms/wuzhicms/issues/171 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •