Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

OSV
OSVadded 2018/09/30 8:29 p.m.2 views

CVE-2018-17798

An issue was discovered in zzcms 8.3. user/ztconfig.php allows remote attackers to delete arbitrary files via an absolute pathname in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock...

6.5CVSS5.9AI score0.00259EPSS
Exploits1References1
Prion
Prionadded 2018/09/30 8:29 p.m.13 views

Directory traversal

An issue was discovered in zzcms 8.3. user/zssave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock...

5.5CVSS6.6AI score0.00258EPSS
Exploits1References1Affected Software1
CNVD
CNVDadded 2018/04/08 12:0 a.m.1 views

Arbitrary File Deletion Vulnerability in zzcms

ZzCMS is the content management system of Webmaster Merchants. An arbitrary file deletion vulnerability exists in user/adv.php in zzcms 8.2. A remote attacker can exploit this vulnerability by deleting arbitrary files via a directory traversal sequence in the oldimg parameter. An attacker can...

7.5CVSS7.1AI score0.00585EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2018/04/07 12:0 a.m.2 views

PT-2018-18988 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: zzcms version 8.2 Description: An issue was discovered that allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in the user/adv.php endpoint. This can be leveraged for database access by...

7.5CVSS7.5AI score0.00585EPSS
Exploits1References2
CNVD
CNVDadded 2018/03/26 12:0 a.m.1 views

ZZCMS 'oldimg' parameter arbitrary file deletion vulnerability

ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A security vulnerability exists in ZZCMS version 8.2. The vulnerability can be exploited by a remote attacker to delete arbitrary files with the 'oldimg' parameter in an action=modify request with a directory...

7.5CVSS7.1AI score0.00634EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2018/03/24 6:29 p.m.0 views

CVE-2018-8965

An issue was discovered in zzcms 8.2. user/ppsave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock...

7.5CVSS5.8AI score0.00634EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2018/03/24 6:29 p.m.3 views

CVE-2018-8969

An issue was discovered in zzcms 8.2. user/licencesave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock...

7.5CVSS5.8AI score0.00585EPSS
Exploits1References2
OSV
OSVadded 2018/03/24 6:29 p.m.1 views

CVE-2018-8965

An issue was discovered in zzcms 8.2. user/ppsave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock...

7.5CVSS5.9AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2018/03/24 12:0 a.m.1 views

PT-2018-18744 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: zzcms version 8.2 Description: An issue in zzcms allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request to the "user/ppsave.php" endpoint. This can be leveraged...

7.5CVSS7.7AI score0.00634EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2018/03/24 12:0 a.m.3 views

PT-2018-18747 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: zzcms version 8.2 Description: An issue was discovered that allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg or oldflv parameter in an "action=modify" request to the "user/manage.php" endpoint...

7.5CVSS7.5AI score0.00585EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2018/03/24 12:0 a.m.3 views

PT-2018-18748 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: zzcms version 8.2 Description: An issue in zzcms allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request to the "user/licence save.php" endpoint. This can be...

7.5CVSS7.7AI score0.00585EPSS
Exploits1References2
Rows per page
Query Builder