CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

97 matches found

RedhatCVE•added 2026/01/07 9:29 a.m.•7 views

CVE-2019-12356

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dlsdownload.php when the attacker has dlsdownload authority via the id parameter...

8.8CVSS7.9AI score0.00887EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:27 a.m.•12 views

CVE-2019-12357

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php when the attacker has admin authority via the id parameter...

7.2CVSS7.9AI score0.00875EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:26 a.m.•5 views

CVE-2019-12355

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dlsprint.php when the attacker has dlsprint authority via the id parameter...

8.8CVSS7.9AI score0.00887EPSS

Exploits1References1

CVE•added 2025/12/17 11:32 p.m.•14 views

CVE-2025-14837

ZZCMS 2025 has a code injection vulnerability in the Backend Website Settings Module. The stripfxg function in /admin/siteconfig.php mishandles the icp argument, enabling remote code execution. Exploit has been publicly disclosed. Affected: ZZCMS 2025; file: /admin/siteconfig.php; function: strip...

7.2CVSS6.8AI score0.00386EPSS

Exploits1References4Affected Software1

EUVD•added 2025/12/17 11:32 p.m.•3 views

EUVD-2025-204005

A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/siteconfig.php of the component Backend Website Settings Module. Such manipulation of the argument icp leads to code injection. The attack can be executed remotely. The exploit has bee...

5.8CVSS6.6AI score0.00386EPSS

Exploits1References5

EUVD•added 2025/12/17 11:2 p.m.•3 views

EUVD-2025-204007

A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/usersave.php of the component User Data Storage Module. This manipulation causes cleartext storage in a file or on disk. Remote exploitation of the attack is possible. The exploit has...

5.1CVSS5.9AI score0.00175EPSS

Exploits0References5

EUVD•added 2025/11/14 5:32 p.m.•3 views

EUVD-2025-197629

A vulnerability was identified in ZZCMS 2023. This impacts an unknown function of the file /admin/wangkanlist.php. Such manipulation of the argument keyword leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

6.5CVSS6.6AI score0.00307EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2018-20574

Malware in sbrugna...

9.8CVSS9.2AI score0.0184EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-1895

Malware in sbrugna...

9.8CVSS9.5AI score0.02442EPSS

Exploits1References2