CVE-2021-32605
The CVE-2021-32605 entry concerns zzzcms/zzzphp before 2.0.4, where the parserIfLabel template processing fails to validate user-provided keys in the ?location=search flow, enabling remote code execution. The vulnerability allows an attacker to run arbitrary OS commands or code via a crafted keys...