Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-17412
zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header.
Zzcms Zzcms 8.3
6.5
CVSSv2
CVE-2018-17415
zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter.
Zzcms Zzcms 8.3
3.5
CVSSv2
CVE-2019-9078
zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT.
Zzcms Zzcms 2019
6.4
CVSSv2
CVE-2019-8411
admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote malicious users to delete arbitrary files via action=del&filename=../ directory traversal.
Zzcms Zzcms 2018
6.5
CVSSv2
CVE-2018-18784
An issue exists in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the tabletag parameter. (This needs an admin user login.)
Zzcms Zzcms 8.3
7.5
CVSSv2
CVE-2018-18785
An issue exists in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid cookie to zs/search.php.
Zzcms Zzcms 8.3
7.5
CVSSv2
CVE-2018-18787
An issue exists in zzcms 8.3. SQL Injection exists in zs/zs.php via a pxzs cookie.
Zzcms Zzcms 8.3
6.5
CVSSv2
CVE-2018-18790
An issue exists in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)
Zzcms Zzcms 8.3
7.5
CVSSv2
CVE-2018-18792
An issue exists in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie.
Zzcms Zzcms 8.3
7.5
CVSSv2
CVE-2018-18786
An issue exists in zzcms 8.3. SQL Injection exists in ajax/zs.php via a pxzs cookie.
Zzcms Zzcms 8.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »