Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zzcms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-45347
An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password.
Zzcms Zzcms 8.2
9.8
CVSSv3
CVE-2021-42945
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask.php.
Zzcms Zzcms 2021
9.8
CVSSv3
CVE-2019-12349
An issue exists in zzcms 2019. SQL Injection exists in /admin/dl_sendsms.php via the id parameter.
Zzcms Zzcms 2019
8.8
CVSSv3
CVE-2019-12356
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.
Zzcms Zzcms 2019
1 Github repository
9.8
CVSSv3
CVE-2019-12348
An issue exists in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter.
Zzcms Zzcms 2019
9.8
CVSSv3
CVE-2019-12350
An issue exists in zzcms 2019. SQL Injection exists in dl/dl_download.php via an id parameter value with a trailing comma.
Zzcms Zzcms 2019
9.8
CVSSv3
CVE-2019-12351
An issue exists in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id parameter value with a trailing comma.
Zzcms Zzcms 2019
8.8
CVSSv3
CVE-2019-12352
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie.
Zzcms Zzcms 2019
7.2
CVSSv3
CVE-2019-12353
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.
Zzcms Zzcms 2019
7.2
CVSSv3
CVE-2019-12354
An issue exists in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter.
Zzcms Zzcms 2019
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »