Wenkucms Project

wenkucms_project

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Wenkucms

wenkucms

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-11138 1Wenkucms Project 1Wenkucms Apr 29, 2026 Sep 29, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne of the file app/common/common.php. The manipulation results in os command injection. The attack may be launched remotely....Show more A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne of the file app/common/common.php. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used.Show less
CVE-2020-19157 1Wenkucms Project 1Wenkucms Nov 21, 2024 Sep 15, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote attackers to execute arbitrary code via the 'Intro' parameter for the component '/index.php?m=ucenter&a=index'.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2025-11138

1Wenkucms Project

1Wenkucms

Apr 29, 2026

Sep 29, 2025

2.1 LOW· v4

8.8 HIGH· v3

6.5 MEDIUM· v2

A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne of the file app/common/common.php. The manipulation results in os command injection. The attack may be launched remotely....Show more

CVE-2020-19157

1Wenkucms Project

1Wenkucms

Nov 21, 2024

Sep 15, 2021

N/A· v4

6.1 MEDIUM· v3

4.3 MEDIUM· v2

Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote attackers to execute arbitrary code via the 'Intro' parameter for the component '/index.php?m=ucenter&a=index'.