Lucene search
K

82 matches found

Prion
Prion
added 2022/05/23 2:16 p.m.12 views

Server side request forgery (ssrf)

CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery SSRF which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/...

5CVSS7.5AI score0.01944EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2022/05/23 1:35 p.m.18 views

CVE-2022-28997

CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery SSRF which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/...

7.7AI score0.01944EPSS
Exploits1References5
CVE
CVE
added 2022/05/23 1:35 p.m.70 views

CVE-2022-28997

CSZCMS v1.3.0 is affected by a Server-Side Request Forgery (SSRF) vulnerability that can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/. The issue, documented in CVE-2022-28997 and reported across multiple sources (NVD, Red Hat, CVE List, etc.), in...

7.5CVSS7.4AI score0.01944EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2022/05/23 12:0 a.m.7 views

CSZCMS 代码问题漏洞

CSZCMS is an open source web application that allows managing all content and settings on a website. A security vulnerability exists in CSZCMS version 1.3.0 that originates from the leakage of sensitive data via local files in /admin/filemanager/connector/...

7.5CVSS7.3AI score0.01944EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2022/04/12 4:15 p.m.3 views

CVE-2022-27164

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcmsadminUsersviewUsers...

9.8CVSS7.3AI score0.01107EPSS
Exploits1References2
0day.today
0day.today
added 2022/04/07 12:0 a.m.399 views

CSZCMS 1.3.0 SSRF / LFI / Remote Code Execution Vulnerabilities

Title: CSZCMS V1.3.0 - SSRF To LFI To Rce Author: Hejap Zairy Vendor: https://sourceforge.net/projects/cszcms/files/install/ Software: https://liquidtelecom.dl.sourceforge.net/project/cszcms/install/CSZCMS-V1.3.0.zip Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache 1 -...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/07 12:0 a.m.287 views

CSZCMS 1.3.0 SSRF / LFI / Remote Code Execution

Title: CSZCMS V1.3.0 - SSRF To LFI To Rce Author: Hejap Zairy Date: 07.04.2022 Vendor: https://sourceforge.net/projects/cszcms/files/install/ Software: https://liquidtelecom.dl.sourceforge.net/project/cszcms/install/CSZCMS-V1.3.0.zip Reference: https://github.com/Matrix07ksa Tested on: Windows,...

0.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/01/27 6:15 p.m.8 views

CVE-2021-46377

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...

9.8CVSS7.8AI score0.00956EPSS
Exploits1References2
OSV
OSV
added 2022/01/27 6:15 p.m.3 views

CVE-2021-46377

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...

9.8CVSS7.3AI score0.00956EPSS
Exploits1References1
NVD
NVD
added 2022/01/27 6:15 p.m.24 views

CVE-2021-46377

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...

9.8CVSS0.00956EPSS
Exploits1References1
Prion
Prion
added 2022/01/27 6:15 p.m.15 views

Sql injection

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...

7.5CVSS9.5AI score0.00956EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/01/27 5:36 p.m.60 views

CVE-2021-46377

CSZ CMS 1.2.9 contains a front-end SQL injection vulnerability exploitable through cszcms/controllers/Member.php#viewUser. The issue is documented across multiple sources (CVE-2021-46377) with high severity (CVSSv3.1 base score 9.8; impact to confidentiality, integrity, and availability) and a ne...

9.8CVSS9.4AI score0.00956EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/27 5:36 p.m.23 views

CVE-2021-46377

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...

9.8AI score0.00956EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/19 12:0 a.m.3 views

SQL Injection Vulnerability in cszcms (CNVD-2021-39092)

cszcms is an open source web application that allows to manage all the content and settings on the website. A SQL injection vulnerability exists in cszcms. An attacker can exploit the vulnerability to obtain sensitive information about the database...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/04/02 12:0 a.m.3 views

SQL Injection Vulnerability in cszcms

cszcms is an open source content management system. cszcms has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.7AI score
Exploits0
NVD
NVD
added 2021/03/10 2:15 p.m.23 views

CVE-2021-3224

A stored cross-site scripting XSS vulnerability in cszcms 1.2.9 exists in /admin/pages/new via the content parameter...

5.4CVSS0.00538EPSS
Exploits1References2
OSV
OSV
added 2021/03/10 2:15 p.m.4 views

CVE-2021-3224

A stored cross-site scripting XSS vulnerability in cszcms 1.2.9 exists in /admin/pages/new via the content parameter...

5.4CVSS6AI score0.00538EPSS
Exploits1References2
Prion
Prion
added 2021/03/10 2:15 p.m.16 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in cszcms 1.2.9 exists in /admin/pages/new via the content parameter...

3.5CVSS5.2AI score0.00538EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/03/10 1:38 p.m.40 views

CVE-2021-3224

CSZ CMS 1.2.9 contains a stored XSS in /admin/pages/new via the content parameter. This CVE (CVE-2021-3224) is consistently described across multiple feeds (NVD, CNVD, Red Hat, CNVD CNVD, etc.) as a stored XSS vulnerability in CSZ CMS. The core issue is input in the content field being reflected ...

5.4CVSS5.2AI score0.00538EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/03/10 1:38 p.m.24 views

CVE-2021-3224

A stored cross-site scripting XSS vulnerability in cszcms 1.2.9 exists in /admin/pages/new via the content parameter...

5.4AI score0.00538EPSS
Exploits1References2
Rows per page
Query Builder