Vulnerabilities > Zkup

DATE	CVE	VULNERABILITY TITLE	RISK
2009-08-31	CVE-2008-7124	Improper Authentication vulnerability in Zkup zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator. network low complexity zkup CWE-287	7.5
2009-08-31	CVE-2008-7123	Code Injection vulnerability in Zkup Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check. network zkup CWE-94	6.8

Vulnerabilities > Zkup {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zkup"}]}