Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:wuzhicms:wuzhicms:4.0.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-28145 |
Arbitrary file deletion vulnerability was discovered in wuzhicms v 4.0.1 via coreframe\app\attachment\admin\index.php, which allows attackers to access sensitive information. Published: October 12, 2021; 7:15:07 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-19553 |
Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php. Published: September 21, 2021; 3:15:07 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2020-19551 |
Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong. Published: September 21, 2021; 3:15:07 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |