Vulnerabilities > Cszcms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-23 | CVE-2020-19786 | Unrestricted Upload of File with Dangerous Type vulnerability in Cszcms CSZ CMS 1.2.2 File upload vulnerability in CSKaza CSZ CMS v.1.2.2 fixed in v1.2.4 allows attacker to execute aritrary commands and code via crafted PHP file. | 8.8 |
| 2022-05-23 | CVE-2022-28997 | Server-Side Request Forgery (SSRF) vulnerability in Cszcms 1.3.0 CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery (SSRF) which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/. | 7.5 |
| 2019-02-07 | CVE-2019-7566 | Cross-Site Request Forgery (CSRF) vulnerability in Cszcms CSZ CMS 1.1.8 CSZ CMS 1.1.8 has CSRF via admin/users/new/add. | 8.8 |