Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-50104
ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing malicious users to exploit this loophole to gain server privileges and execute arbitrary code.
Zzcms Zzcms 2023
9.8
CVSSv3
CVE-2023-42398
An issue in zzCMS v.2023 allows a remote malicious user to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.
Zzcms Zzcms 2023
8.8
CVSSv3
CVE-2023-36162
Cross Site Request Forgery vulnerability in ZZCMS v.2023 and previous versions allows a remote malicious user to gain privileges via the add function in adminlist.php.
Zzcms Zzcms 2023
5.4
CVSSv3
CVE-2022-44361
An issue exists in ZZCMS 2022. There is a cross-site scripting (XSS) vulnerability in admin/ad_list.php.
Zzcms Zzcms 2022
5.3
CVSSv3
CVE-2022-40443
An absolute path traversal vulnerability in ZZCMS 2022 allows malicious users to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php.
Zzcms Zzcms 2022
5.3
CVSSv3
CVE-2022-40444
ZZCMS 2022 exists to contain a full path disclosure vulnerability via the page /admin/index.PHP? _server.
Zzcms Zzcms 2022
7.2
CVSSv3
CVE-2022-40446
ZZCMS 2022 exists to contain a SQL injection vulnerability via the component /admin/sendmailto.php?tomail=&groupid=.
Zzcms Zzcms 2022
7.2
CVSSv3
CVE-2022-40447
ZZCMS 2022 exists to contain a SQL injection vulnerability via the keyword parameter at /admin/baojia_list.php.
Zzcms Zzcms 2022
8.8
CVSSv3
CVE-2019-12356
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.
Zzcms Zzcms 2019
1 Github repository
8.8
CVSSv3
CVE-2019-12352
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie.
Zzcms Zzcms 2019
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »