Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms 2019 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-19960
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page cookie.
Zzcms Zzcms 2019
5
CVSSv2
CVE-2020-19957
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the id parameter on the /dl/dl_print.php page.
Zzcms Zzcms 2019
5
CVSSv2
CVE-2020-19959
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie.
Zzcms Zzcms 2019
5
CVSSv2
CVE-2020-19961
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the component subzs.php.
Zzcms Zzcms 2019
4.3
CVSSv2
CVE-2020-19042
Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php.
Zzcms Zzcms 2019
3.5
CVSSv2
CVE-2019-9078
zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT.
Zzcms Zzcms 2019
3.5
CVSSv2
CVE-2020-20285
There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php
Zzcms Zzcms 2019
6.5
CVSSv2
CVE-2019-12356
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.
Zzcms Zzcms 2019
1 Github repository
7.5
CVSSv2
CVE-2019-12348
An issue exists in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter.
Zzcms Zzcms 2019
7.5
CVSSv2
CVE-2019-12349
An issue exists in zzcms 2019. SQL Injection exists in /admin/dl_sendsms.php via the id parameter.
Zzcms Zzcms 2019
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »