Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ZzzcmsZzzphp

3 matches found

CVE
CVEadded 2021/05/11 11:15 p.m.73 views

CVE-2021-32605

zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=search URI, as demonstrated by an OS command within an "if" "end if" block.

9.8CVSS9.8AI score0.21913EPSS
CVE
CVEadded 2021/03/15 5:15 p.m.30 views

CVE-2020-24877

A SQL injection vulnerability in zzzphp v1.8.0 through /form/index.php?module=getjson may lead to a possible access restriction bypass.

9.8CVSS9.6AI score0.00546EPSS
CVE
CVEadded 2021/02/05 2:15 p.m.26 views

CVE-2020-18717

SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers to execute arbitrary code due to a lack of parameter filtering in inc/zzz_template.php.

9.8CVSS9.8AI score0.07212EPSS