Filtered by vendor Jizhicms
Subscriptions
Filtered by product Jizhicms
Subscriptions
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-27235 | 1 Jizhicms | 1 Jizhicms | 2024-08-02 | 7.2 High |
An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file. | ||||
CVE-2023-2927 | 1 Jizhicms | 1 Jizhicms | 2024-08-02 | 6.3 Medium |
A vulnerability was found in JIZHICMS 2.4.5. It has been classified as critical. Affected is the function index of the file TemplateController.php. The manipulation of the argument webapi leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230082 is the identifier assigned to this vulnerability. | ||||
CVE-2024-32161 | 1 Jizhicms | 1 Jizhicms | 2024-08-02 | 9.8 Critical |
jizhiCMS 2.5 suffers from a File upload vulnerability. |