Wenkucms Project: >> Wenkucms >> 3.4 Security Vulnerabilities
A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne of the file app/common/common.php. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used.
CVSS Score
6.3
EPSS Score
0.004
Published
2025-09-29
Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote attackers to execute arbitrary code via the 'Intro' parameter for the component '/index.php?m=ucenter&a=index'.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-09-15