Vulnerabilities > Zzcms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-12 | CVE-2024-11130 | Cross-site Scripting vulnerability in Zzcms A vulnerability was found in ZZCMS up to 2023. | 4.8 |
| 2024-09-04 | CVE-2024-44819 | Cross-site Scripting vulnerability in Zzcms Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via a crafted script to the pagename parameter of the admin/del.php component. | 6.1 |
| 2024-09-04 | CVE-2024-44820 | Cross-site Scripting vulnerability in Zzcms A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/E_bak5.1/upload/. | 6.1 |
| 2022-12-07 | CVE-2022-44361 | Cross-site Scripting vulnerability in Zzcms 2022 An issue was discovered in ZZCMS 2022. | 5.4 |
| 2022-09-22 | CVE-2022-40443 | Path Traversal vulnerability in Zzcms 2022 An absolute path traversal vulnerability in ZZCMS 2022 allows attackers to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php. | 5.3 |
| 2022-09-22 | CVE-2022-40444 | Path Traversal vulnerability in Zzcms 2022 ZZCMS 2022 was discovered to contain a full path disclosure vulnerability via the page /admin/index.PHP? _server. | 5.3 |
| 2022-04-08 | CVE-2021-46437 | Cross-site Scripting vulnerability in Zzcms 2021 An issue was discovered in ZZCMS 2021. | 4.8 |
| 2022-02-09 | CVE-2021-45286 | Path Traversal vulnerability in Zzcms 2021 Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2) bottom.php, and 3) top_index.php. | 5.3 |
| 2021-12-13 | CVE-2020-19042 | Cross-site Scripting vulnerability in Zzcms 2019 Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php. | 6.1 |
| 2021-06-03 | CVE-2020-35973 | Cross-site Scripting vulnerability in Zzcms 2020 An issue was discovered in zzcms2020. | 5.4 |