Vulnerabilities > Zcms Project > Zcms > 20170206

DATE CVE VULNERABILITY TITLE RISK
2022-04-26 CVE-2022-28521 Unspecified vulnerability in Zcms Project Zcms 20170206
ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=sp_set_config.
network
low complexity
zcms-project
critical
 9.8
9.8
2022-04-26 CVE-2022-28522 Cross-site Scripting vulnerability in Zcms Project Zcms 20170206
ZCMS v20170206 was discovered to contain a stored cross-site scripting (XSS) vulnerability via index.php?m=home&c=message&a=add.
network
low complexity
zcms-project CWE-79
5.4
5.4