Lucene search

Zerocms Security Vulnerabilities

cve

CVE-2015-1442

SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action. NOTE: The article_id parameter to...

8.1AI Score

0.021EPSS

2015-02-06 03:59 PM

cve

CVE-2014-4710

Cross-site scripting (XSS) vulnerability in zero_user_account.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the Full Name...

5.7AI Score

0.002EPSS

2014-07-29 02:55 PM

cve

CVE-2014-4194

SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a Submit Comment...

8.4AI Score

0.001EPSS

2014-07-09 02:55 PM

cve

CVE-2014-4195

Cross-site scripting (XSS) vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the article_id...

5.8AI Score

0.002EPSS

2014-07-03 02:55 PM

cve

CVE-2014-4034

SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id...

8.6AI Score

0.003EPSS

2014-06-11 02:55 PM