6 matches found
CVE-2023-45554
File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp...
CVE-2023-45554
File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp...
zzzCMS Code Issues Vulnerabilities
ZZZCMS is a content management system CMS. A security vulnerability exists in zzzCMS version v.2.1.9, which can be exploited by remote attackers to execute arbitrary code by changing the imageext parameter from jpg, jpeg, gif, and png to jpg, jpeg, gif, png, pphphp...
PT-2023-29571 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: zzzCMS version 2.1.9 Description: The issue allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg, gif, and png to jpg, jpeg, gif, png, pphphp. This enables the attacker to potentially...
CVE-2023-45554
File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp...
CVE-2023-45554
CVE-2023-45554 affects zzzCMS v2.1.9. A file-upload vulnerability lets a remote attacker execute arbitrary code by modifying the imageext parameter (allowed values: jpg, jpeg, gif, png) to include an attacker-controlled payload (e.g., pphphp). Multiple sources (NVD, Red Hat advisory, CNNVD, PRION...