CVE-2022-27129
CVE-2022-27129 affects zbzcms v1.0, where an arbitrary file upload vulnerability in /admin/ajax.php can be exploited to execute arbitrary PHP code via a crafted file. The issue enables remote code execution with no authentication and minimal prerequisites, as indicated by the associated CVSS data...