CVE-2018-11722

WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.
References
Link Resource
https://github.com/wuzhicms/wuzhicms/issues/141 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:wuzhicms:wuzhicms:4.1.0:*:*:*:*:*:*:*

Information

Published : 2018-06-05 12:29

Updated : 2018-07-23 01:17


NVD link : CVE-2018-11722

Mitre link : CVE-2018-11722

Products Affected
No products.
CWE