Lucene search
+L

168 matches found

cve
cve
added 2023/10/14 2:0 p.m.58 views

CVE-2023-5582

CVE-2023-5582 concerns ZZZCMS 2.2.0, where the Personal Profile Page’s processing permits basic cross-site scripting due to an unspecified handling flaw. Multiple connected documents consistently describe an XSS vulnerability that can be triggered remotely and for which exploits have been publicl...

5.4CVSS4.2AI score0.00502EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2023/10/14 2:0 p.m.25 views

CVE-2023-5582 ZZZCMS Personal Profile Page cross site scripting

A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue affects some unknown processing of the component Personal Profile Page. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to th...

4CVSS5.5AI score0.00502EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2023/10/14 12:0 a.m.4 views

PT-2023-32194 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZZCMS version 2.2.0 Description: A vulnerability has been found in the Personal Profile Page component of ZZZCMS, which affects some unknown processing and leads to basic cross-site scripting. The attack may be initiated remotely. The exploi...

5.4CVSS6.1AI score0.00502EPSS
Exploits1References8
nvd
nvd
added 2023/09/29 2:15 p.m.17 views

CVE-2023-5263

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...

8.8CVSS7AI score0.00643EPSS
Exploits1References3
osv
osv
added 2023/09/29 2:15 p.m.3 views

CVE-2023-5263

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...

8.8CVSS5.3AI score0.00643EPSS
Exploits1References3
prion
prion
added 2023/09/29 2:15 p.m.26 views

Design/Logic Flaw

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...

6.5CVSS8.6AI score0.00643EPSS
Exploits1References3Affected Software1
vulnrichment
vulnrichment
added 2023/09/29 2:0 p.m.3 views

CVE-2023-5263 ZZZCMS Database Backup File save.php restore permission

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...

6.5CVSS7.5AI score0.00643EPSS
Exploits1References3
cve
cve
added 2023/09/29 2:0 p.m.51 views

CVE-2023-5263

The CVE concerns ZZZCMS 2.1.7. It targets the restore function in the Database Backup File Handler’s /admin/save.php, where improper handling leads to permission issues. The vulnerability can be exploited remotely, and public disclosures exist (exploit has been disclosed). Affected component: Dat...

8.8CVSS7.5AI score0.00643EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2023/09/29 2:0 p.m.25 views

CVE-2023-5263 ZZZCMS Database Backup File save.php restore permission

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...

6.5CVSS8.9AI score0.00643EPSS
Exploits1References3
cnnvd
cnnvd
added 2023/09/29 12:0 a.m.5 views

ZZZCMS Authorization Issues Vulnerabilities

ZZZCMS zzzphp is a content management system CMS. An authorization issue vulnerability exists in ZZZCMS version 2.1.7, which stems from improper privilege management...

8.8CVSS6.9AI score0.00643EPSS
Exploits1References4
nvd
nvd
added 2022/03/23 9:15 p.m.30 views

CVE-2022-23881

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

9.8CVSS0.56509EPSS
Exploits1References1
attackerkb
attackerkb
added 2022/03/23 9:15 p.m.9 views

CVE-2022-23881

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

9.8CVSS7.5AI score0.56509EPSS
Exploits1References3
osv
osv
added 2022/03/23 9:15 p.m.8 views

CVE-2022-23881

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

9.8CVSS5.9AI score0.56509EPSS
Exploits1References1
prion
prion
added 2022/03/23 9:15 p.m.15 views

Command injection

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

7.5CVSS9.7AI score0.56509EPSS
Exploits1References1Affected Software1
cve
cve
added 2022/03/23 8:9 p.m.131 views

CVE-2022-23881

ZZZCMS zzzphp 2.1.0 is affected by a remote code execution (RCE) vulnerability via danger_key() in zzz_template.php. Root cause: improper handling in danger_key() allows arbitrary code execution. Impact: attacker can execute code on affected systems (high/critical impact per sources). Exploitatio...

9.8CVSS9.7AI score0.56509EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2022/03/23 8:9 p.m.40 views

CVE-2022-23881

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

9.9AI score0.56509EPSS
Exploits1References1
cnnvd
cnnvd
added 2022/03/23 12:0 a.m.5 views

ZZZCMS zzzphp 安全漏洞

ZZZCMS zzzphp is a content management system CMS. A security vulnerability exists in ZZZCMS zzzphp version v2.1.0, which stems from incomplete filtering of user-entered parameters by the dangerkey function in zzztemplate.php...

9.8CVSS8.3AI score0.56509EPSS
Exploits1References2
cnvd
cnvd
added 2021/12/12 12:0 a.m.16 views

ZZZCMS Cross-Site Scripting Vulnerability

ZZZCMS is a content management system CMS from the ZZZCMS team in China. ZZZCMS suffers from a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied and output data in the editfile action of /adminxxx/save.php. An attacker could exploit the...

5.4CVSS3.4AI score0.00562EPSS
Exploits1References1
osv
osv
added 2021/12/09 6:15 p.m.4 views

CVE-2020-19683

A Cross Site Scripting XSS exists in ZZZCMS V1.7.1 via an editfile action in save.php...

5.4CVSS5.8AI score0.00562EPSS
Exploits1References1
nvd
nvd
added 2021/12/09 6:15 p.m.25 views

CVE-2020-19683

A Cross Site Scripting XSS exists in ZZZCMS V1.7.1 via an editfile action in save.php...

5.4CVSS0.00562EPSS
Exploits1References1
Rows per page
Query Builder