2 matches found
Zenario CMS 9.0.54156 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Zenario CMS 9.0.54156 - Remote Code Execution RCE Authenticated Exploit Author: minhnq22 Vendor Homepage: https://zenar.io/ Software Link: https://zenar.io/download-page Version: 9.0.54156 Tested on: Ubuntu 21.04 CVE : CVE-2021–42171 Python3 import os import sys import json import...
CVE-2021-41952
Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting XSS via upload file to .SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS...