CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

9.8CVSS9.5AI score0.00621EPSS

EUVD-2019-1893

Malware in sbrugna...

7.2CVSS7AI score0.00247EPSS

EUVD-2018-10504

Malware in sbrugna...

9.8CVSS9.5AI score0.0025EPSS

EUVD-2018-10501

Malware in sbrugna...

9.8CVSS9.5AI score0.00307EPSS

EUVD-2018-9166

Malware in sbrugna...

RedhatCVE•added 2025/05/22 6:43 p.m.•5 views

CVE-2021-40279

An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php...

7.2CVSS8.2AI score0.00274EPSS

Exploits1

RedhatCVE•added 2025/05/22 10:10 a.m.•3 views

CVE-2019-1010153

zzcms 8.3 and earlier is affected by: SQL Injection. The impact is: sql inject. The component is: zs/subzs.php...

9.8CVSS7.7AI score0.00307EPSS

RedhatCVE•added 2025/05/22 8:13 a.m.•14 views

CVE-2019-1010149

zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms File Delete to Code Execution. The component is: user/licencesave.php...

9.8CVSS7.1AI score0.0113EPSS

Positive Technologies•added 2024/12/02 12:0 a.m.•1 views

PT-2024-35419 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A SQL injection issue was discovered in the /q/show.php endpoint. This issue allows for potential SQL injection attacks. Recommendations: For ZZCMS version 2023, consider restricting access to the /q/show.php...

9.8CVSS7.5AI score0.00261EPSS

Exploits1References8

Positive Technologies•added 2024/10/23 12:0 a.m.•1 views

PT-2024-16166 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical issue has been found, affecting the function Ebak SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argument file leads to unrestricted upload. It is possible to...

9.8CVSS6.6AI score0.00142EPSS

Exploits0References7

Positive Technologies•added 2024/08/19 12:0 a.m.•2 views

PT-2024-38692 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical vulnerability has been found in ZZCMS. The issue affects an unknown function of the file /admin/about edit.php?action=modify. The manipulation of the skin argument leads to path traversal. It is...

7.5CVSS7.5AI score0.00365EPSS

Exploits1References10

OSV•added 2024/08/16 8:15 p.m.•1 views

CVE-2024-43009

A reflected cross-site scripting XSS vulnerability exists in user/login.php at line 24 in ZZCMS 2023 and earlier. The application directly inserts the value of the HTTPREFERER header into the HTML response without proper sanitization. An attacker can exploit this vulnerability by tricking a user...

4.7CVSS6AI score0.00265EPSS

Exploits0References2

Positive Technologies•added 2024/08/16 12:0 a.m.•1 views

PT-2024-30251 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A reflected cross-site scripting XSS issue in the dl liuyan save.php component allows attackers to execute arbitrary code in the context of a user's browser by injecting a crafted payload. This enables the...

4.7CVSS7AI score0.00244EPSS

Exploits0References6

Positive Technologies•added 2022/09/22 12:0 a.m.•1 views

PT-2022-25388 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2022 Description: An absolute path traversal issue allows attackers to obtain sensitive information via a crafted GET request sent to "/one/siteinfo.php". Recommendations: For ZZCMS version 2022, as a temporary workaround,...

5.3CVSS5AI score0.12186EPSS

Exploits1References5

Positive Technologies•added 2022/09/10 12:0 a.m.•2 views

PT-2022-6559 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2022 Description: The issue is related to a SQL injection vulnerability in the ZZCMS system, specifically in the admin/sendmailto.php component. This vulnerability arises from the lack of protection against SQL query structure...

8.5CVSS7.2AI score0.00255EPSS

Exploits1References6

CNNVD•added 2021/06/03 12:0 a.m.•1 views

zzcms zzcms 跨站脚本漏洞

ZZCMS is the content management system of Webmaster Merchants. A cross-site scripting vulnerability exists in /user/manage.php in ZZCMS version 2020. An attacker can exploit this vulnerability to insert and execute arbitrary JS code...

5.4CVSS5.6AI score0.00206EPSS