Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-44361
An issue exists in ZZCMS 2022. There is a cross-site scripting (XSS) vulnerability in admin/ad_list.php.
Zzcms Zzcms 2022
5
CVSSv2
CVE-2018-14961
dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter.
Zzcms Zzcms 8.3
5
CVSSv2
CVE-2021-45286
Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2) bottom.php, and 3) top_index.php.
Zzcms Zzcms 2021
5
CVSSv2
CVE-2021-45347
An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password.
Zzcms Zzcms 8.2
6.5
CVSSv2
CVE-2018-17414
zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter.
Zzcms Zzcms 8.3
6.4
CVSSv2
CVE-2019-8411
admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote malicious users to delete arbitrary files via action=del&filename=../ directory traversal.
Zzcms Zzcms 2018
7.5
CVSSv2
CVE-2018-18785
An issue exists in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid cookie to zs/search.php.
Zzcms Zzcms 8.3
7.5
CVSSv2
CVE-2018-17412
zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header.
Zzcms Zzcms 8.3
4.3
CVSSv2
CVE-2018-17413
XSS exists in zzcms v8.3 via the /uploadimg_form.php noshuiyin parameter.
Zzcms Zzcms 8.3
6.5
CVSSv2
CVE-2018-17416
A SQL injection vulnerability exists in zzcms v8.3 via the /admin/adclass.php bigclassid parameter.
Zzcms Zzcms 8.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »