Vulnerabilities > Zzcms > Zzcms > 4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-12 | CVE-2024-11130 | Cross-site Scripting vulnerability in Zzcms A vulnerability was found in ZZCMS up to 2023. | 4.8 |
| 2024-09-04 | CVE-2024-44819 | Cross-site Scripting vulnerability in Zzcms Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via a crafted script to the pagename parameter of the admin/del.php component. | 6.1 |
| 2024-09-04 | CVE-2024-44820 | Cross-site Scripting vulnerability in Zzcms A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/E_bak5.1/upload/. | 6.1 |
| 2021-12-09 | CVE-2021-43703 | Unspecified vulnerability in Zzcms An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin.php. | 9.8 |
| 2019-07-23 | CVE-2019-1010153 | SQL Injection vulnerability in Zzcms zzcms 8.3 and earlier is affected by: SQL Injection. | 9.8 |
| 2019-07-23 | CVE-2019-1010152 | Missing Authorization vulnerability in Zzcms zzcms 8.3 and earlier is affected by: File Delete to Code Execution. | 9.8 |
| 2019-07-23 | CVE-2019-1010150 | Missing Authorization vulnerability in Zzcms zzcms 8.3 and earlier is affected by: File Delete to Code Execution. | 9.8 |
| 2019-07-23 | CVE-2019-1010149 | Missing Authorization vulnerability in Zzcms zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. | 9.8 |
| 2019-07-23 | CVE-2019-1010148 | SQL Injection vulnerability in Zzcms zzcms version 8.3 and earlier is affected by: SQL Injection. | 9.8 |
| 2018-08-20 | CVE-2018-1000653 | SQL Injection vulnerability in Zzcms zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacked by sql injection in zzcms in nginx. | 9.8 |