Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-1000653
zzcms version 8.3 and previous versions contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacked by sql injection in zzcms in nginx. This attack appear to be exploitable via running zzcms in nginx.
Zzcms Zzcms
NA
CVE-2023-42398
An issue in zzCMS v.2023 allows a remote malicious user to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.
Zzcms Zzcms 2023
NA
CVE-2022-40443
An absolute path traversal vulnerability in ZZCMS 2022 allows malicious users to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php.
Zzcms Zzcms 2022
NA
CVE-2022-40444
ZZCMS 2022 exists to contain a full path disclosure vulnerability via the page /admin/index.PHP? _server.
Zzcms Zzcms 2022
NA
CVE-2022-40446
ZZCMS 2022 exists to contain a SQL injection vulnerability via the component /admin/sendmailto.php?tomail=&groupid=.
Zzcms Zzcms 2022
NA
CVE-2022-40447
ZZCMS 2022 exists to contain a SQL injection vulnerability via the keyword parameter at /admin/baojia_list.php.
Zzcms Zzcms 2022
6.8
CVSSv2
CVE-2021-46436
An issue exists in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php.
Zzcms Zzcms 2021
3.5
CVSSv2
CVE-2021-46437
An issue exists in ZZCMS 2021. There is a cross-site scripting (XSS) vulnerability in ad_manage.php.
Zzcms Zzcms 2021
NA
CVE-2023-36162
Cross Site Request Forgery vulnerability in ZZCMS v.2023 and previous versions allows a remote malicious user to gain privileges via the add function in adminlist.php.
Zzcms Zzcms 2023
NA
CVE-2023-50104
ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing malicious users to exploit this loophole to gain server privileges and execute arbitrary code.
Zzcms Zzcms 2023
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »