Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday256 views

ZZZCMS 1.6.1 - Remote Code Execution

ZZZCMS zzzphp V1.6.1 is vulnerable to remote code execution via the inc/zzztemplate.php file because the parserIfLabel function's filtering is not strict, resulting in PHP code execution as demonstrated by the if:assert substring. id: CVE-2019-9041 info: name: ZZZCMS 1.6.1 - Remote Code Execution...

7.2CVSS7.7AI score0.31421EPSS
Exploits8References5
Exploit DB
Exploit DB
added 2019/02/25 12:0 a.m.90 views

zzzphp CMS 1.6.1 - Remote Code Execution

Exploit Title: dynamic code evaluation of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 24/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip Version: 1.6.1 Tested on: windows/Linux,iis/apache C...

7.2CVSS7.2AI score0.31421EPSS
Exploits8
Packet Storm
Packet Storm
added 2019/02/25 12:0 a.m.99 views

ZZZPHP CMS 1.6.1 Remote Code Execution

Exploit Title: dynamic code evaluation of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 24/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip Version: 1.6.1 Tested on: windows/Linux,iis/apache C...

0.1AI score0.31421EPSS
Exploits8
0day.today
0day.today
added 2019/02/25 12:0 a.m.119 views

zzzphp CMS 1.6.1 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications Exploit Title: dynamic code evaluation of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 24/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zi...

7.5CVSS0.1AI score0.31421EPSS
Exploits8
CVE
CVE
added 2019/02/23 6:0 p.m.119 views

CVE-2019-9041

ZZZCMS 1.6.1 is vulnerable to remote code execution via inc/zzz_template.php: parserIfLabel() filtering is not strict, allowing injection of PHP code (example: {if:assert($_POST[x])} and similar). This can enable arbitrary code execution on affected systems, with CVSS3.0 vector CVSS:3.0/AV:N/AC:L...

7.2CVSS7.1AI score0.31421EPSS
Exploits8References2Affected Software1
Rows per page
Query Builder