Zzcms V7.2 Arbitrary File Deletion Vulnerability

ZZCMS is an enterprise website builder. An arbitrary file deletion vulnerability exists in the '/user/delimg.php' page of Zzcms V7.2. An attacker is allowed to exploit the vulnerability to delete arbitrary files, or can cause a reinstallation...

Multiple SQL Injection Vulnerabilities in ZZCMS 7.2

ZZCMS is an enterprise website builder. A SQL injection vulnerability exists in the username parameter on the /reg/userregcheckemail.php page, the bigclass parameter on the zt/zs.php page, and the pagesize parameter on the /zh/zh.php page. An attacker can exploit the vulnerabilities to obtain...

Multiple XSS Vulnerabilities in ZZCMS 7.2

ZZCMS is an enterprise website builder. ZZCMS 7.2 suffers from an XSS vulnerability in the /inc/top.php page and the Uploadimgform.php page. An attacker can exploit the vulnerability to inject arbitrary Web script or HTML...

Arbitrary File Read Vulnerability in zzcms 7.2 Version

ZZCMS highlights the investment and supply and demand functions, you can quickly build a product investment website. ZZCMS v7.1 has an arbitrary file read vulnerability that can be exploited by an attacker to access restricted directories and execute commands outside the root directory of the web...