Vulnerabilities > Zzcms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-02 | CVE-2018-16344 | Path Traversal vulnerability in Zzcms 8.3 An issue was discovered in zzcms 8.3. | 7.5 |
2018-08-20 | CVE-2018-1000653 | SQL Injection vulnerability in Zzcms zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacked by sql injection in zzcms in nginx. | 9.8 |
2018-08-06 | CVE-2018-14963 | Cross-Site Request Forgery (CSRF) vulnerability in Zzcms 8.3. zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI. | 8.8 |
2018-08-06 | CVE-2018-14962 | Cross-site Scripting vulnerability in Zzcms 8.3. zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php. | 5.4 |
2018-08-06 | CVE-2018-14961 | SQL Injection vulnerability in Zzcms 8.3 dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter. | 9.8 |
2018-07-03 | CVE-2018-13116 | SQL Injection vulnerability in Zzcms 8.3. /user/del.php in zzcms 8.3 allows SQL injection via the tablename parameter after leveraging use of the zzcms_ask table. | 9.8 |
2018-07-02 | CVE-2018-13056 | Improper Input Validation vulnerability in Zzcms 8.3 An issue was discovered on zzcms 8.3. | 7.5 |
2018-04-07 | CVE-2018-9331 | Path Traversal vulnerability in Zzcms 8.2 An issue was discovered in zzcms 8.2. | 7.5 |
2018-04-05 | CVE-2018-9309 | SQL Injection vulnerability in Zzcms 8.2 An issue was discovered in zzcms 8.2. | 9.8 |
2018-03-24 | CVE-2018-8969 | Path Traversal vulnerability in Zzcms 8.2 An issue was discovered in zzcms 8.2. | 7.5 |