CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jizhicms: >> Jizhicms >> 1.9.5 Security Vulnerabilities

CVE-2023-38948

An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1.9.5 allows attackers to execute arbitrary code via downloading a crafted plugin.

CVSS Score

7.2

EPSS Score

0.002

Published

2023-08-03

CVE-2021-36484

SQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to run arbitrary SQL commands via add or edit article page.

CVSS Score

9.8

EPSS Score

0.001

Published

2023-02-03

CVE-2022-27429

Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html.

CVSS Score

9.8

EPSS Score

0.003

Published

2022-04-25

Page 1

Vulnerabilities

Vulnerable Software

Jizhicms: >> Jizhicms >> 1.9.5 Security Vulnerabilities

Products

Pricing

Contact Us