Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms 8.3 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-18789
An issue exists in zzcms 8.3. SQL Injection exists in zt/top.php via a Host HTTP header to zt/news.php.
Zzcms Zzcms 8.3
578
VMScore
CVE-2018-18790
An issue exists in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)
Zzcms Zzcms 8.3
668
VMScore
CVE-2018-18791
An issue exists in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie.
Zzcms Zzcms 8.3
668
VMScore
CVE-2018-18792
An issue exists in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie.
Zzcms Zzcms 8.3
490
VMScore
CVE-2018-17797
An issue exists in zzcms 8.3. user/zssave.php allows remote malicious users to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.3
490
VMScore
CVE-2018-17798
An issue exists in zzcms 8.3. user/ztconfig.php allows remote malicious users to delete arbitrary files via an absolute pathname in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.3
668
VMScore
CVE-2018-17136
zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header.
Zzcms Zzcms 8.3
570
VMScore
CVE-2018-16344
An issue exists in zzcms 8.3. It allows remote malicious users to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.3
668
VMScore
CVE-2018-1000653
zzcms version 8.3 and previous versions contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacked by sql injection in zzcms in nginx. This attack appear to be exploitable via running zzcms in nginx.
Zzcms Zzcms
605
VMScore
CVE-2018-14963
zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI.
Zzcms Zzcms 8.3.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »