Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms 2020 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-40279
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
8.8
CVSSv3
CVE-2021-40281
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
7.2
CVSSv3
CVE-2021-40280
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
8.8
CVSSv3
CVE-2021-40282
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php. when registering ordinary users.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
5.4
CVSSv3
CVE-2020-35973
An issue exists in zzcms2020. There is a XSS vulnerability that can insert and execute JS code arbitrarily via /user/manage.php.
Zzcms Zzcms 2020
7.5
CVSSv3
CVE-2020-19957
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the id parameter on the /dl/dl_print.php page.
Zzcms Zzcms 2019
7.5
CVSSv3
CVE-2020-19959
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie.
Zzcms Zzcms 2019
7.5
CVSSv3
CVE-2020-19960
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page cookie.
Zzcms Zzcms 2019
7.5
CVSSv3
CVE-2020-19961
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the component subzs.php.
Zzcms Zzcms 2019
7.2
CVSSv3
CVE-2020-19822
A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows malicious users to execute arbitrary PHP code via the "ml" and "title" parameters.
Zzcms Zzcms 2018
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »