Lucene search
K

10 matches found

NVD
NVD
added 2024/09/04 4:15 p.m.48 views

CVE-2024-44817

SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the id parameter in the adv2.php component...

8.8CVSS0.00687EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/04 12:0 a.m.28 views

CVE-2024-44817

SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via the id parameter in the adv2.php component...

7.8AI score0.00687EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/04 12:0 a.m.14 views

CVE-2024-44820

A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/Ebak5.1/upload/. When accessed with the query parameter phome=ShowPHPInfo, the application executes the phpinfo function, which exposes detailed information about the PHP...

6.7AI score0.00353EPSS
Exploits1References1
CVE
CVE
added 2024/09/04 12:0 a.m.50 views

CVE-2024-44817

CVE-2024-44817 describes a SQL Injection in ZZCMS v.2023 and earlier, exploitable via the id parameter in the adv2.php component. A remote attacker can obtain sensitive information. Public details across NVD/Red Hat/CNNVD/CVE records confirm the same vulnerability vector; no explicit exploit code...

8.8CVSS7.8AI score0.00687EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/09/04 12:0 a.m.57 views

CVE-2024-44819

The CVE refers to ZZCMS (versions 2023 and earlier) with a Cross-Site Scripting vulnerability in the admin/del.php component via the pagename parameter. The flaw could allow a remote attacker to obtain sensitive information. Source details from PT-Security describe the issue and provide a high-le...

6.1CVSS6.2AI score0.00376EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2023/09/15 5:15 p.m.22 views

CVE-2023-42398

An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php...

9.8CVSS9.6AI score0.01316EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/09/15 12:0 a.m.21 views

CVE-2023-42398

An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php...

9.7AI score0.01316EPSS
Exploits1References1
NVD
NVD
added 2023/07/03 9:15 p.m.22 views

CVE-2023-36162

Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php...

8.8CVSS8.8AI score0.00544EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/07/03 12:0 a.m.28 views

CVE-2023-36162

Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php...

9AI score0.00544EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/07/03 12:0 a.m.10 views

CVE-2023-36162

Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php...

7.2AI score0.00544EPSS
Exploits1References3
Rows per page
Query Builder