4 matches found
Zenario CMS 8.8.52729 SQL Injection
Exploit Title: Zenario CMS 8.8.52729 - 'cID' Blind & Error based SQL injection Authenticated Date: 05–02–2021 Exploit Author: Avinash R Vendor Homepage: https://zenar.io/ Software Link: https://github.com/TribalSystems/Zenario/releases/tag/8.8 Version: 8.8.52729 Tested on: Windows 10 Pro No OS...
Zenario CMS 8.8.52729 - (cID) Blind & Error based SQL injection (Authenticated) Vulnerability
Exploit Title: Zenario CMS 8.8.52729 - 'cID' Blind & Error based SQL injection Authenticated Exploit Author: Avinash R Vendor Homepage: https://zenar.io/ Software Link: https://github.com/TribalSystems/Zenario/releases/tag/8.8 Version: 8.8.52729 Tested on: Windows 10 Pro No OS restrictions CVE :...
Zenario CMS 8.8.52729 - 'cID' SQL injection (Authenticated)
Exploit Title: Zenario CMS 8.8.52729 - 'cID' Blind & Error based SQL injection Authenticated Date: 05–02–2021 Exploit Author: Avinash R Vendor Homepage: https://zenar.io/ Software Link: https://github.com/TribalSystems/Zenario/releases/tag/8.8 Version: 8.8.52729 Tested on: Windows 10 Pro No OS...
CVE-2021-27673
CVE-2021-27673 is an XSS vulnerability in Tribal Systems Zenario CMS v8.8.52729, specifically in the admin_boxes.ajax.php component. The issue allows remote attackers to execute arbitrary code by injecting HTML into the cID parameter when creating a new HTML component. The core CVE description co...