10 matches found
CVE-2024-44817
SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the id parameter in the adv2.php component...
CVE-2024-44817
SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the id parameter in the adv2.php component...
CVE-2024-44820
A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/Ebak5.1/upload/. When accessed with the query parameter phome=ShowPHPInfo, the application executes the phpinfo function, which exposes detailed information about the PHP...
CVE-2024-44817
CVE-2024-44817 describes a SQL Injection in ZZCMS v.2023 and earlier, exploitable via the id parameter in the adv2.php component. A remote attacker can obtain sensitive information. Public details across NVD/Red Hat/CNNVD/CVE records confirm the same vulnerability vector; no explicit exploit code...
CVE-2024-44819
The CVE refers to ZZCMS (versions 2023 and earlier) with a Cross-Site Scripting vulnerability in the admin/del.php component via the pagename parameter. The flaw could allow a remote attacker to obtain sensitive information. Source details from PT-Security describe the issue and provide a high-le...
CVE-2023-42398
An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php...
CVE-2023-42398
An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php...
CVE-2023-36162
Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php...
CVE-2023-36162
Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php...
CVE-2023-36162
Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php...