CVE-2024-7927
ZZCMS 2023 contains a path traversal flaw in /admin/class.php?dowhat=modifyclass caused by unsafely handling the skin[] parameter. The vulnerability allows remote exploitation and has had the exploit disclosed publicly. Affected component: the modifyclass endpoint; root cause: insufficient input ...