yeyinshi
Products
1- 9 CVEs
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-26301 | Cri | 0.64 | 9.8 | 0.01 | Mar 24, 2022 | TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability via the component App\Manage\Controller\ZhuantiController.class.php. | ||
| CVE-2021-44349 | Cri | 0.64 | 9.8 | 0.01 | Dec 3, 2021 | SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\DownloadController.class.php. | ||
| CVE-2021-44348 | Cri | 0.64 | 9.8 | 0.01 | Dec 3, 2021 | SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller\AdvertController.class.php. | ||
| CVE-2021-44347 | Cri | 0.64 | 9.8 | 0.01 | Dec 3, 2021 | SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController.class.php. | ||
| CVE-2019-16644 | Cri | 0.64 | 9.8 | 0.01 | Sep 20, 2019 | App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring. | ||
| CVE-2019-16659 | Hig | 0.57 | 8.8 | 0.01 | Sep 21, 2019 | TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF. | ||
| CVE-2019-16658 | Hig | 0.57 | 8.8 | 0.01 | Sep 21, 2019 | TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF. | ||
| CVE-2018-10185 | Hig | 0.57 | 8.8 | 0.01 | Apr 17, 2018 | An issue was discovered in TuziCMS v2.0.6. There is a CSRF vulnerability that can add an admin account, as demonstrated by a history.pushState call. | ||
| CVE-2019-16657 | Med | 0.40 | 6.1 | 0.01 | Sep 21, 2019 | TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/. |
- risk 0.64cvss 9.8epss 0.01
TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability via the component App\Manage\Controller\ZhuantiController.class.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\DownloadController.class.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller\AdvertController.class.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController.class.php.
- risk 0.64cvss 9.8epss 0.01
App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring.
- risk 0.57cvss 8.8epss 0.01
TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.
- risk 0.57cvss 8.8epss 0.01
TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in TuziCMS v2.0.6. There is a CSRF vulnerability that can add an admin account, as demonstrated by a history.pushState call.
- risk 0.40cvss 6.1epss 0.01
TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/.