Vulnerabilities > Zzcms > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-10291 SQL Injection vulnerability in Zzcms 2023
A vulnerability has been found in ZZCMS 2023 and classified as critical.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2024-10-23 CVE-2024-10292 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023 and classified as critical.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2024-10-23 CVE-2024-10293 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
A vulnerability was found in ZZCMS 2023.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2023-12-29 CVE-2023-50104 Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023
ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code.
network
low complexity
zzcms CWE-434
critical
 9.8
9.8
2023-09-15 CVE-2023-42398 Server-Side Request Forgery (SSRF) vulnerability in Zzcms 2023
An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.
network
low complexity
zzcms CWE-918
critical
 9.8
9.8
2022-06-02 CVE-2019-12349 SQL Injection vulnerability in Zzcms 2019
An issue was discovered in zzcms 2019.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2022-06-02 CVE-2019-12350 SQL Injection vulnerability in Zzcms 2019
An issue was discovered in zzcms 2019.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2022-06-02 CVE-2019-12351 SQL Injection vulnerability in Zzcms 2019
An issue was discovered in zzcms 2019.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2021-12-15 CVE-2021-42945 SQL Injection vulnerability in Zzcms 2021
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask.php.
network
low complexity
zzcms CWE-89
critical
 9.8
9.8
2021-12-09 CVE-2021-43703 Unspecified vulnerability in Zzcms
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin.php.
network
low complexity
zzcms
critical
 9.8
9.8