China National Vulnerability DatabaseCNVD-2022-67045ZZCMS index php information leakage vulnerability
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ZZCMS is a content management system (CMS) from the ZZCMS team in China. ZZCMS 2022 suffers from an information disclosure vulnerability that stems from insufficient protection of sensitive information and could be exploited to obtain an error message from the server by sending a request to β/admin/index php?_Serverβ, showing the location of the application (absolute path).
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N