CVE-2023-52064 in wuzhicms
Summary
by MITRE • 01/10/2024
Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the $keywords parameter at /core/admin/copyfrom.php.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 06/04/2025
The vulnerability identified as CVE-2023-52064 affects Wuzhicms version 4.1.0 and represents a critical SQL injection flaw that can be exploited through the $keywords parameter within the /core/admin/copyfrom.php file. This vulnerability falls under the CWE-89 category of SQL Injection, which is classified as a severe weakness in web applications that allows attackers to manipulate database queries through malicious input. The flaw specifically manifests when user-supplied input is directly incorporated into SQL query construction without proper sanitization or parameterization, creating an avenue for unauthorized database access and potential data compromise.
The technical execution of this vulnerability occurs when an attacker manipulates the $keywords parameter to inject malicious SQL code into the application's database layer. This parameter is processed within the copyfrom.php administrative script, which suggests that the vulnerability may be exploitable through administrative functions, potentially allowing attackers to escalate privileges or gain unauthorized access to sensitive system information. The vulnerability's impact is amplified because it resides in an administrative component, which typically has elevated privileges and access to critical system data. Attackers could leverage this weakness to extract sensitive information such as user credentials, database schema details, or other confidential data stored within the application's backend systems.
From an operational standpoint, this vulnerability poses significant risks to organizations using Wuzhicms v4.1.0, as it enables remote code execution capabilities through SQL injection techniques. The attack surface extends beyond simple data theft to include potential system compromise and full database access. The vulnerability's classification aligns with ATT&CK technique T1190 which covers exploitation of remote services, and T1071.005 which covers application layer protocol usage. Organizations may face regulatory compliance issues and data breach notifications if this vulnerability is exploited, particularly given the administrative nature of the affected component. The impact extends to business continuity as successful exploitation could result in complete database compromise, data loss, or unauthorized modification of content managed by the CMS.
Mitigation strategies for CVE-2023-52064 should prioritize immediate patching of the Wuzhicms application to the latest version that addresses this vulnerability. Organizations should implement input validation and parameterized queries to prevent similar issues in future deployments. Network segmentation and access controls should be enforced around administrative interfaces to limit potential attack vectors. Additionally, implementing web application firewalls and database activity monitoring can provide additional layers of defense. The vulnerability highlights the importance of regular security assessments and proper input sanitization practices as outlined in OWASP Top Ten 2021 category A03: Injection, which emphasizes the need for robust input validation and parameterized queries to prevent injection attacks. Security teams should also consider implementing automated vulnerability scanning tools to identify similar weaknesses in other applications within their infrastructure.