Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms zzcms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-12349
An issue exists in zzcms 2019. SQL Injection exists in /admin/dl_sendsms.php via the id parameter.
Zzcms Zzcms 2019
7.5
CVSSv2
CVE-2019-12350
An issue exists in zzcms 2019. SQL Injection exists in dl/dl_download.php via an id parameter value with a trailing comma.
Zzcms Zzcms 2019
7.5
CVSSv2
CVE-2019-12351
An issue exists in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id parameter value with a trailing comma.
Zzcms Zzcms 2019
7.5
CVSSv2
CVE-2021-42945
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask.php.
Zzcms Zzcms 2021
7.5
CVSSv2
CVE-2021-43703
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin.php. After disabling JavaScript, you can directly access the administrator console.
Zzcms Zzcms
7.5
CVSSv2
CVE-2019-12348
An issue exists in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter.
Zzcms Zzcms 2019
7.5
CVSSv2
CVE-2020-23426
zzcms 201910 contains an access control vulnerability through escalation of privileges in /user/adv.php, which allows an malicious user to modify data for further attacks such as CSRF.
Zzcms Zzcms 201910
7.5
CVSSv2
CVE-2019-1010149
zzcms version 8.3 and previous versions is affected by: File Delete to Code Execution. The impact is: zzcms File Delete to Code Execution. The component is: user/licence_save.php.
Zzcms Zzcms
7.5
CVSSv2
CVE-2019-1010150
zzcms 8.3 and previous versions is affected by: File Delete to Code Execution. The impact is: getshell. The component is: /user/zssave.php.
Zzcms Zzcms
7.5
CVSSv2
CVE-2019-1010152
zzcms 8.3 and previous versions is affected by: File Delete to Code Execution. The impact is: getshell. The component is: user/manage.php line 31-80.
Zzcms Zzcms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »