Share:

CVE-2023-27235 - Jizhicms Jizhicms

March 15, 2023

Critical 7.2

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file.

Affected software

Jizhicms Jizhicms

Reference links

https://github.com/Cherry-toto/jizhicms/issues/85

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.