Vulnerabilities > Zzcms > Zzcms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-29 | CVE-2023-50104 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzcms 2023 ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code. | 9.8 |
| 2023-09-15 | CVE-2023-42398 | Server-Side Request Forgery (SSRF) vulnerability in Zzcms 2023 An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php. | 9.8 |
| 2023-07-03 | CVE-2023-36162 | Cross-Site Request Forgery (CSRF) vulnerability in Zzcms 2023 Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php. | 8.8 |
| 2022-12-07 | CVE-2022-44361 | Cross-site Scripting vulnerability in Zzcms 2022 An issue was discovered in ZZCMS 2022. | 5.4 |
| 2022-06-17 | CVE-2019-12352 | SQL Injection vulnerability in Zzcms 2019 An issue was discovered in zzcms 2019. | 6.5 |
| 2022-06-17 | CVE-2019-12353 | SQL Injection vulnerability in Zzcms 2019 An issue was discovered in zzcms 2019. | 6.5 |
| 2022-06-17 | CVE-2019-12354 | SQL Injection vulnerability in Zzcms 2019 An issue was discovered in zzcms 2019. | 6.5 |
| 2022-06-17 | CVE-2019-12355 | SQL Injection vulnerability in Zzcms 2019 An issue was discovered in zzcms 2019. | 6.5 |
| 2022-06-17 | CVE-2019-12356 | SQL Injection vulnerability in Zzcms 2019 An issue was discovered in zzcms 2019. | 6.5 |
| 2022-06-17 | CVE-2019-12357 | SQL Injection vulnerability in Zzcms 2019 An issue was discovered in zzcms 2019. | 6.5 |