Vulnerability CVE-2023-50692
Published: 2023-12-28

Description:
File Upload vulnerability in JIZHICMS v.2.5, allows remote attacker to execute arbitrary code via a crafted file uploaded and downloaded to the download_url parameter in the app/admin/exts/ directory.

 References:
https://github.com/Cherry-toto/jizhicms/issues/91
Copyright 2026, cxsecurity.com

 

Back to Top