Vulnerabilities > Zzcms > Critical

DATE CVE VULNERABILITY TITLE RISK
2025-01-19 CVE-2025-0565 Injection vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023.
network
low complexity
zzcms CWE-74
critical
 9.8
9.8
2024-10-23 CVE-2024-10291 SQL Injection vulnerability in Zzcms 2023
A vulnerability has been found in ZZCMS 2023 and classified as critical.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2024-10-23 CVE-2024-10292 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023 and classified as critical.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2024-10-23 CVE-2024-10293 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2023-12-29 CVE-2023-50104 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2023-09-15 CVE-2023-42398 Server-Side Request Forgery (SSRF) vulnerability in Zzcms 2023
An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.
network
low complexity
zzcms CWE-918
critical
 9.8
9.8
2022-06-02 CVE-2019-12349 SQL Injection vulnerability in Zzcms 2019
An issue was discovered in zzcms 2019.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2022-06-02 CVE-2019-12350 SQL Injection vulnerability in Zzcms 2019
An issue was discovered in zzcms 2019.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2022-06-02 CVE-2019-12351 SQL Injection vulnerability in Zzcms 2019
An issue was discovered in zzcms 2019.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2021-12-15 CVE-2021-42945 SQL Injection vulnerability in Zzcms 2021
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask.php.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8