Vulnerabilities > Zzcms > Zzcms > 8.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-14 | CVE-2021-45347 | Improper Authentication vulnerability in Zzcms 8.2 An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password. | 5.0 |
| 2021-12-09 | CVE-2021-40281 | SQL Injection vulnerability in Zzcms An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users. | 6.5 |
| 2021-12-09 | CVE-2021-40282 | SQL Injection vulnerability in Zzcms An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php. | 6.5 |
| 2021-12-09 | CVE-2021-43703 | Unspecified vulnerability in Zzcms An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin.php. | 7.5 |
| 2021-12-09 | CVE-2021-40279 | SQL Injection vulnerability in Zzcms An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php. | 6.5 |
| 2021-12-09 | CVE-2021-40280 | SQL Injection vulnerability in Zzcms An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php. | 6.5 |
| 2019-07-23 | CVE-2019-1010153 | SQL Injection vulnerability in Zzcms zzcms 8.3 and earlier is affected by: SQL Injection. | 7.5 |
| 2019-07-23 | CVE-2019-1010152 | Improper Input Validation vulnerability in Zzcms zzcms 8.3 and earlier is affected by: File Delete to Code Execution. | 7.5 |
| 2019-07-23 | CVE-2019-1010150 | Improper Input Validation vulnerability in Zzcms zzcms 8.3 and earlier is affected by: File Delete to Code Execution. | 7.5 |
| 2019-07-23 | CVE-2019-1010149 | Improper Input Validation vulnerability in Zzcms zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. | 7.5 |