Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2018-18788
An issue exists in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.)
Zzcms Zzcms 8.3
605
VMScore
CVE-2021-46436
An issue exists in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php.
Zzcms Zzcms 2021
570
VMScore
CVE-2018-16344
An issue exists in zzcms 8.3. It allows remote malicious users to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.
Zzcms Zzcms 8.3
605
VMScore
CVE-2018-14963
zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI.
Zzcms Zzcms 8.3.
312
VMScore
CVE-2019-9078
zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT.
Zzcms Zzcms 2019
668
VMScore
CVE-2018-17412
zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header.
Zzcms Zzcms 8.3
383
VMScore
CVE-2018-17413
XSS exists in zzcms v8.3 via the /uploadimg_form.php noshuiyin parameter.
Zzcms Zzcms 8.3
578
VMScore
CVE-2018-17414
zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter.
Zzcms Zzcms 8.3
578
VMScore
CVE-2018-17415
zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter.
Zzcms Zzcms 8.3
578
VMScore
CVE-2018-17416
A SQL injection vulnerability exists in zzcms v8.3 via the /admin/adclass.php bigclassid parameter.
Zzcms Zzcms 8.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »