CVE-2023-46482

Name of the Vulnerable Software and Affected Versions wuzhicms version 4.1.0

Description The issue allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component. This is a SQL injection vulnerability.

Recommendations For wuzhicms version 4.1.0, consider disabling the Database Backup Functionality in the coreframe/app/database/admin/index.php component until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.