Wuzhicms · Wuzhi Cms · CVE-2020-20122
Name of the Vulnerable Software and Affected Versions:
Wuzhi CMS version 4.1
Description:
Wuzhi CMS 4.1 contains a SQL injection vulnerability in the `checktitle()` function, located in the `/coreframe/app/content/admin/content.php` file. The vulnerability can be exploited through the API endpoint `/coreframe/app/content/admin/content.php`.
Recommendations:
For Wuzhi CMS version 4.1, consider disabling the `checktitle()` function until a patch is available, to prevent potential SQL injection attacks. Restrict access to the `/coreframe/app/content/admin/content.php` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.