Vulnerabilities > Zzzcms > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-18 CVE-2023-45909 Open Redirect vulnerability in Zzzcms Zzzphp 2.2.0
zzzcms v2.2.0 was discovered to contain an open redirect vulnerability.
network
low complexity
zzzcms CWE-601
6.1
6.1
2023-10-14 CVE-2023-5582 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Zzzcms 2.2.0
A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0.
network
low complexity
zzzcms CWE-80
5.4
5.4
2021-12-09 CVE-2020-19682 Cross-Site Request Forgery (CSRF) vulnerability in Zzzcms 1.7.1
A Cross Site Request Forgery (CSRF) vulnerability exits in ZZZCMS V1.7.1 via the save_user funciton in save.php.
network
zzzcms CWE-352
6.8
6.8
2019-09-23 CVE-2019-16720 Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms Zzzphp 1.7.2
ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file.
network
low complexity
zzzcms CWE-434
5.0
5.0
2019-02-26 CVE-2019-9182 Cross-Site Request Forgery (CSRF) vulnerability in Zzzcms Zzzphp 1.6.1
There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request.
network
zzzcms CWE-352
6.8
6.8
2019-02-23 CVE-2019-9041 Code Injection vulnerability in Zzzcms Zzzphp 1.6.1
An issue was discovered in ZZZCMS zzzphp V1.6.1.
network
low complexity
zzzcms CWE-94
6.5
6.5
2018-12-13 CVE-2018-20127 Improper Input Validation vulnerability in Zzzcms Zzzphp CMS 1.5.8
An issue was discovered in zzzphp cms 1.5.8.
network
low complexity
zzzcms CWE-20
6.4
6.4