Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2018-18790
An issue exists in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)
Zzcms Zzcms 8.3
8.8
CVSSv3
CVE-2019-12352
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie.
Zzcms Zzcms 2019
8.8
CVSSv3
CVE-2019-12356
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.
Zzcms Zzcms 2019
1 Github repository
7.2
CVSSv3
CVE-2019-12357
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter.
Zzcms Zzcms 2019
8.8
CVSSv3
CVE-2019-12358
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie.
Zzcms Zzcms 2019
9.8
CVSSv3
CVE-2020-23426
zzcms 201910 contains an access control vulnerability through escalation of privileges in /user/adv.php, which allows an malicious user to modify data for further attacks such as CSRF.
Zzcms Zzcms 201910
8.8
CVSSv3
CVE-2020-23630
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
Zzcms Zzcms 201910
9.8
CVSSv3
CVE-2018-18785
An issue exists in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid cookie to zs/search.php.
Zzcms Zzcms 8.3
9.8
CVSSv3
CVE-2018-18786
An issue exists in zzcms 8.3. SQL Injection exists in ajax/zs.php via a pxzs cookie.
Zzcms Zzcms 8.3
9.8
CVSSv3
CVE-2018-18792
An issue exists in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie.
Zzcms Zzcms 8.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »