Zenario Security Vulnerabilities and Issues — Zenario CVE List

Lucene search

TribalsystemsZenario

3 matches found

CVE•added 2021/04/16 6:15 p.m.•100 views

CVE-2021-26830

SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the ID input field of ajax.php in the Pugin library - delete module.

9.1CVSS9.5AI score0.01093EPSS

CVE•added 2022/11/30 3:15 p.m.•53 views

CVE-2022-44136

Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE).

9.8CVSS9.6AI score0.01124EPSS

CVE•added 2024/05/04 5:15 a.m.•46 views

CVE-2024-34461

Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling code execution by a designer or an administrator.

9.8CVSS7.3AI score0.00129EPSS