Zcms Project Security Vulnerabilities

CVE-2015-7346

SQL injection vulnerability in ZCMS 1.1.

CVE-2015-7347

Cross-site scripting (XSS) vulnerability in ZCMS JavaServer Pages Content Management System 1.1.

CVE-2022-28521

ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=sp_set_config.

CVE-2022-28522

ZCMS v20170206 was discovered to contain a stored cross-site scripting (XSS) vulnerability via index.php?m=home&c=message&a=add.