17 matches found
CVE-2019-12352
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dlsendmail.php when the attacker has dlsprint authority via a dlid cookie...
EUVD-2018-6843
Malware in sbrugna...
EUVD-2019-3987
Malware in sbrugna...
CVE-2020-19959
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dlsendmail.php page cookie...
Sql injection
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dlsendmail.php when the attacker has dlsprint authority via a dlid cookie...
CVE-2019-12352
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dlsendmail.php when the attacker has dlsprint authority via a dlid cookie...
CVE-2019-12352
CVE-2019-12352 describes a SQL injection vulnerability in zzcms 2019, exploitable in /dl/dl_sendmail.php via a dlid cookie when the attacker has dls_print authority. The issue arises from unsafely handling user-controlled data in the cookie which is used in a database query. Multiple connected so...
ZZCMS dl_sendmail.php SQL Injection Vulnerability
ZZCMS is a content management system CMS from the Zzcms team in China. ZZCMS is vulnerable to SQL injection, which stems from a missing validation of externally entered SQL statements in the id parameter of admin/dlsendmail.php. An attacker could use this vulnerability to execute illegal SQL...
Sql injection
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dlsendmail.php...
CVE-2021-40280
The CVE-2021-40280 entry describes an SQL injection vulnerability in ZZCMS (ZZCMS CMS) exposed via the id parameter in admin/dl_sendmail.php. Affected versions are listed as 8.2, 8.3, 2020, and 2021. The root cause is missing validation of externally supplied SQL statements, enabling an attacker ...
ZZCMS SQL Injection Vulnerability (CNVD-2021-102063)
ZZCMS is a content management system CMS from the Zzcms team in China. ZZCMS version 2019 is vulnerable to SQL injection, which stems from the software's lack of effective filtering and escaping of SQL statements. An attacker retrieves sensitive data via the dlid parameter in the cookie on the...
Sql injection
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dlsendmail.php page cookie...
ZZCMS SQL注入漏洞
ZZCMS is a content management system CMS from the Zzcms team in China. ZZCMS version 2019 is vulnerable to SQL injection, which stems from the software's lack of effective filtering and escaping of SQL statements. An attacker retrieves sensitive data via the dlid parameter in the cookie on the...
Sql injection
dl/dlsendmail.php in zzcms 8.3 has SQL Injection via the sql parameter...
CVE-2018-14961
dl/dlsendmail.php in zzcms 8.3 has SQL Injection via the sql parameter...
CVE-2018-14961
dl/dlsendmail.php in zzcms 8.3 has SQL Injection via the sql parameter...
CVE-2018-14961
SQL Injection in ZZCMS 8.3 (CVE-2018-14961) via the sql parameter in dl/dl_sendmail.php is documented across CNVD-2018-15398 and related sources. The vulnerability arises in ZZCMS’s handling of user-supplied values for the sql parameter, enabling arbitrary SQL execution. CNVD notes that a remote ...