CVE-2024-2015
- EPSS 0.14%
- Published 21.03.2024 02:52:26
- Last modified 19.05.2025 13:03:50
A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack ma...
CVE-2024-2016
- EPSS 0.18%
- Published 21.03.2024 02:52:26
- Last modified 19.05.2025 13:09:09
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launc...
CVE-2024-0603
- EPSS 0.2%
- Published 16.01.2024 22:15:38
- Last modified 21.11.2024 08:46:58
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an unknown part of the file app/plug/controller/giftcontroller.php. The manipulation of the argument mylike leads to deserialization. It is possible to initiate t...