Vulnerabilities > Zzcms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-07 | CVE-2018-17415 | SQL Injection vulnerability in Zzcms 8.3 zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter. | 8.8 |
| 2019-03-07 | CVE-2018-17414 | SQL Injection vulnerability in Zzcms 8.3 zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter. | 8.8 |
| 2019-02-17 | CVE-2019-8411 | Path Traversal vulnerability in Zzcms 2018 admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal. | 7.5 |
| 2018-10-29 | CVE-2018-18790 | SQL Injection vulnerability in Zzcms 8.3 An issue was discovered in zzcms 8.3. | 7.2 |
| 2018-10-29 | CVE-2018-18788 | SQL Injection vulnerability in Zzcms 8.3 An issue was discovered in zzcms 8.3. | 7.2 |
| 2018-10-29 | CVE-2018-18784 | SQL Injection vulnerability in Zzcms 8.3 An issue was discovered in zzcms 8.3. | 7.2 |
| 2018-09-02 | CVE-2018-16344 | Path Traversal vulnerability in Zzcms 8.3 An issue was discovered in zzcms 8.3. | 7.5 |
| 2018-08-06 | CVE-2018-14963 | Cross-Site Request Forgery (CSRF) vulnerability in Zzcms 8.3. zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI. | 8.8 |
| 2018-07-02 | CVE-2018-13056 | Improper Input Validation vulnerability in Zzcms 8.3 An issue was discovered on zzcms 8.3. | 7.5 |
| 2018-04-07 | CVE-2018-9331 | Path Traversal vulnerability in Zzcms 8.2 An issue was discovered in zzcms 8.2. | 7.5 |