← Back to CVE List
CVE-2021-41654
SQL injection vulnerabilities exist in Wuzhicms v4.1.0 which allows attackers to execute arbitrary SQL commands via the $keyValue parameter in /coreframe/app/pay/admin/index.php
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt