Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-17136
zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header.
Zzcms Zzcms 8.3
8.8
CVSSv3
CVE-2023-36162
Cross Site Request Forgery vulnerability in ZZCMS v.2023 and previous versions allows a remote malicious user to gain privileges via the add function in adminlist.php.
Zzcms Zzcms 2023
7.5
CVSSv3
CVE-2020-19957
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows malicious users to retrieve sensitive data via the id parameter on the /dl/dl_print.php page.
Zzcms Zzcms 2019
9.8
CVSSv3
CVE-2020-23426
zzcms 201910 contains an access control vulnerability through escalation of privileges in /user/adv.php, which allows an malicious user to modify data for further attacks such as CSRF.
Zzcms Zzcms 201910
9.8
CVSSv3
CVE-2018-18789
An issue exists in zzcms 8.3. SQL Injection exists in zt/top.php via a Host HTTP header to zt/news.php.
Zzcms Zzcms 8.3
9.8
CVSSv3
CVE-2018-18791
An issue exists in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie.
Zzcms Zzcms 8.3
7.2
CVSSv3
CVE-2019-12353
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.
Zzcms Zzcms 2019
8.8
CVSSv3
CVE-2019-12356
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.
Zzcms Zzcms 2019
1 Github repository
7.2
CVSSv3
CVE-2019-12359
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter.
Zzcms Zzcms 2019
7.2
CVSSv3
CVE-2018-18784
An issue exists in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the tabletag parameter. (This needs an admin user login.)
Zzcms Zzcms 8.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »