Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:jizhicms:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductJizhicms (c589543b-f69d-55b6-bc04-6e19fa626d77)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-2639 vulnerable 2026-06-08 07:16:57.952456 JIZHICMS Article release.html improper authorization
MEDIUM (4.3)
A vulnerability has been found in JIZHICMS up to 1.7.0 and classified as problematic. This vulnerability affects unknown code of the file /user/release.html of the component Article Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T02:31:04.017Z
Updated: 2025-03-24T14:25:12.626Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-2638 vulnerable 2026-06-08 07:16:57.951890 JIZHICMS Article release.html improper authorization
MEDIUM (4.3)
A vulnerability, which was classified as problematic, was found in JIZHICMS up to 1.7.0. This affects an unknown part of the file /user/release.html of the component Article Handler. The manipulation of the argument ishot with the input 1 leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T01:31:04.473Z
Updated: 2025-03-24T13:59:00.504Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-2637 vulnerable 2026-06-08 07:16:57.950294 JIZHICMS Account Profile Page userinfo.html improper authorization
MEDIUM (4.3)
A vulnerability, which was classified as problematic, has been found in JIZHICMS up to 1.7.0. Affected by this issue is some unknown functionality of the file /user/userinfo.html of the component Account Profile Page. The manipulation of the argument jifen leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T00:00:09.407Z
Updated: 2025-03-24T13:59:38.144Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-2927 vulnerable 2026-06-08 06:02:43.666106 JIZHICMS TemplateController.php index server-side request forgery
MEDIUM (6.3)
A vulnerability was found in JIZHICMS 2.4.5. It has been classified as critical. Affected is the function index of the file TemplateController.php. The manipulation of the argument webapi leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230082 is the identifier assigned to this vulnerability.
Published: 2023-05-27T09:00:04.620Z
Updated: 2024-08-02T06:41:03.904Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.