CVE-2018-8965
The CVE-2018-8965 entry affects zzcms v8.2, specifically the user/ppsave.php endpoint. An issue in the oldimg parameter of an action=modify request allows remote attackers to perform directory traversal and delete arbitrary files (notably install.lock), enabling potential database access. Evidenc...