Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zzcms
(Zzcms)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 80 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-02-09 | CVE-2021-45286 | Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2) bottom.php, and 3) top_index.php. | Zzcms | 5.3 | ||
2021-12-13 | CVE-2020-19042 | Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php. | Zzcms | 6.1 | ||
2021-12-15 | CVE-2021-42945 | A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask.php. | Zzcms | 9.8 | ||
2021-12-09 | CVE-2021-40279 | An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php. | Zzcms | 7.2 | ||
2021-12-09 | CVE-2021-40280 | An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php. | Zzcms | 7.2 | ||
2021-12-09 | CVE-2021-40281 | An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users. | Zzcms | 8.8 | ||
2021-12-09 | CVE-2021-40282 | An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php. when registering ordinary users. | Zzcms | 8.8 | ||
2021-10-14 | CVE-2020-19957 | A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the id parameter on the /dl/dl_print.php page. | Zzcms | 7.5 | ||
2021-10-14 | CVE-2020-19959 | A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie. | Zzcms | 7.5 | ||
2021-10-14 | CVE-2020-19960 | A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page cookie. | Zzcms | 7.5 |