Published: 11/06/2014 Updated: 29/08/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the article_id parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
aas9 zerocms 1.0

ZeroCMS 10 (article_id) SQL Injection Vulnerability Vendor: Another Awesome Stuff Product web page: wwwaas9in/zerocms/ Affected version: 10 Summary: ZeroCMS is a very simple Content Management System built using PHP and MySQL Desc: Input passed via the 'article_id' GET parameter to zero_view_articlephp script is not properly sanit ...

CWE-89 http://www.exploit-db.com/exploits/33702 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5186.php http://packetstormsecurity.com/files/127005/ZeroCMS-1.0-SQL-Injection.html http://www.securityfocus.com/bid/67953 http://secunia.com/advisories/59182 http://seclists.org/fulldisclosure/2015/Feb/4 http://seclists.org/oss-sec/2015/q1/380 http://sroesemann.blogspot.de/2015/02/addition-for-advisory-sroeadv-2015-14.html http://seclists.org/oss-sec/2015/q1/379 http://packetstormsecurity.com/files/130192/ZeroCMS-1.3.3-SQL-Injection.html http://sroesemann.blogspot.de/2015/01/sroeadv-2015-13.html http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2015-14.html https://exchange.xforce.ibmcloud.com/vulnerabilities/100588 https://nvd.nist.gov https://www.exploit-db.com/exploits/33702/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-4034

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect