Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2020-23630
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
Zzcms Zzcms 201910
312
VMScore
CVE-2019-9078
zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT.
Zzcms Zzcms 2019
605
VMScore
CVE-2021-46436
An issue exists in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php.
Zzcms Zzcms 2021
312
VMScore
CVE-2021-46437
An issue exists in ZZCMS 2021. There is a cross-site scripting (XSS) vulnerability in ad_manage.php.
Zzcms Zzcms 2021
312
VMScore
CVE-2018-14962
zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php.
Zzcms Zzcms 8.3.
NA
CVE-2023-50104
ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing malicious users to exploit this loophole to gain server privileges and execute arbitrary code.
Zzcms Zzcms 2023
NA
CVE-2022-44361
An issue exists in ZZCMS 2022. There is a cross-site scripting (XSS) vulnerability in admin/ad_list.php.
Zzcms Zzcms 2022
383
VMScore
CVE-2020-19042
Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php.
Zzcms Zzcms 2019
570
VMScore
CVE-2018-13056
An issue exists on zzcms 8.3. There is a vulnerability at /user/del.php that can delete any file by placing its relative path into the zzcms_main table and then making an img add request. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.3
578
VMScore
CVE-2019-12353
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.
Zzcms Zzcms 2019
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »