Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zzcms
(Zzcms)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 91 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-06-17 | CVE-2019-12357 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter. | Zzcms | 7.2 | ||
2022-06-17 | CVE-2019-12358 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie. | Zzcms | 8.8 | ||
2022-06-17 | CVE-2019-12359 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter. | Zzcms | 7.2 | ||
2022-06-17 | CVE-2019-12352 | An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie. | Zzcms | 8.8 | ||
2022-06-02 | CVE-2019-12349 | An issue was discovered in zzcms 2019. SQL Injection exists in /admin/dl_sendsms.php via the id parameter. | Zzcms | 9.8 | ||
2022-06-02 | CVE-2019-12350 | An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_download.php via an id parameter value with a trailing comma. | Zzcms | 9.8 | ||
2022-06-02 | CVE-2019-12351 | An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id parameter value with a trailing comma. | Zzcms | 9.8 | ||
2019-07-23 | CVE-2019-1010149 | zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms File Delete to Code Execution. The component is: user/licence_save.php. | Zzcms | 9.8 | ||
2019-07-23 | CVE-2019-1010150 | zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The component is: /user/zssave.php. | Zzcms | 9.8 | ||
2019-07-23 | CVE-2019-1010152 | zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The component is: user/manage.php line 31-80. | Zzcms | 9.8 |