Vulnerabilities > Zzcms > Zzcms > 2018
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-09 | CVE-2021-43703 | Unspecified vulnerability in Zzcms An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin.php. | 7.5 |
2021-08-26 | CVE-2020-19822 | Code Injection vulnerability in Zzcms 2018 A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters. | 7.2 |
2019-02-17 | CVE-2019-8411 | Path Traversal vulnerability in Zzcms 2018 admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal. | 6.4 |