Vulnerabilities > Zzcms > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-10291 SQL Injection vulnerability in Zzcms 2023
A vulnerability has been found in ZZCMS 2023 and classified as critical.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2024-10-23 CVE-2024-10292 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023 and classified as critical.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2024-10-23 CVE-2024-10293 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2023-12-29 CVE-2023-50104 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2023-09-15 CVE-2023-42398 Server-Side Request Forgery (SSRF) vulnerability in Zzcms 2023
An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.
network
low complexity
zzcms CWE-918
critical
 9.8
9.8
2018-04-05 CVE-2018-9309 SQL Injection vulnerability in Zzcms 8.2
An issue was discovered in zzcms 8.2.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2018-03-24 CVE-2018-8967 SQL Injection vulnerability in Zzcms 8.2
An issue was discovered in zzcms 8.2.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8