Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms 2020 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-40279
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
7.2
CVSSv3
CVE-2021-40280
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
8.8
CVSSv3
CVE-2021-40281
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
8.8
CVSSv3
CVE-2021-40282
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php. when registering ordinary users.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
5.4
CVSSv3
CVE-2020-35973
An issue exists in zzcms2020. There is a XSS vulnerability that can insert and execute JS code arbitrarily via /user/manage.php.
Zzcms Zzcms 2020
9.8
CVSSv3
CVE-2020-23426
zzcms 201910 contains an access control vulnerability through escalation of privileges in /user/adv.php, which allows an malicious user to modify data for further attacks such as CSRF.
Zzcms Zzcms 201910
8.8
CVSSv3
CVE-2020-23630
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
Zzcms Zzcms 201910
6.1
CVSSv3
CVE-2020-19042
Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php.
Zzcms Zzcms 2019
7.2
CVSSv3
CVE-2020-19822
A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows malicious users to execute arbitrary PHP code via the "ml" and "title" parameters.
Zzcms Zzcms 2018
7.5
CVSSv3
CVE-2020-19961
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the component subzs.php.
Zzcms Zzcms 2019
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »