Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms 8.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-40279
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
6.5
CVSSv2
CVE-2021-40280
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
6.5
CVSSv2
CVE-2021-40281
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
6.5
CVSSv2
CVE-2021-40282
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php. when registering ordinary users.
Zzcms Zzcms 8.2
Zzcms Zzcms 8.3
Zzcms Zzcms 2020
Zzcms Zzcms 2021
6.4
CVSSv2
CVE-2018-8968
An issue exists in zzcms 8.2. user/manage.php allows remote malicious users to delete arbitrary files via directory traversal sequences in the oldimg or oldflv parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.2
5
CVSSv2
CVE-2021-45347
An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password.
Zzcms Zzcms 8.2
5
CVSSv2
CVE-2018-7434
zzcms 8.2 allows remote malicious users to discover the full path via a direct request to 3/qq_connect2.0/API/class/ErrorCase.class.php or 3/ucenter_api/code/friend.php.
Zzcms Zzcms 8.2
6.4
CVSSv2
CVE-2018-9331
An issue exists in zzcms 8.2. user/adv.php allows remote malicious users to delete arbitrary files via directory traversal sequences in the oldimg parameter. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.2
6.4
CVSSv2
CVE-2018-8969
An issue exists in zzcms 8.2. user/licence_save.php allows remote malicious users to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.2
6.4
CVSSv2
CVE-2018-8965
An issue exists in zzcms 8.2. user/ppsave.php allows remote malicious users to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »