Vulnerabilities > Zzzcms > Zzzcms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-25 | CVE-2023-45554 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms 2.1.9 File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp. | 9.8 |
2023-10-25 | CVE-2023-45555 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms 2.1.9 File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file. | 7.8 |
2023-10-14 | CVE-2023-5582 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Zzzcms 2.2.0 A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. | 5.4 |
2023-09-29 | CVE-2023-5263 | Permission Issues vulnerability in Zzzcms 2.1.7 A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. | 8.8 |
2021-12-09 | CVE-2020-19682 | Cross-Site Request Forgery (CSRF) vulnerability in Zzzcms 1.7.1 A Cross Site Request Forgery (CSRF) vulnerability exits in ZZZCMS V1.7.1 via the save_user funciton in save.php. | 6.8 |
2021-12-09 | CVE-2020-19683 | Cross-site Scripting vulnerability in Zzzcms 1.7.1 A Cross Site Scripting (XSS) exists in ZZZCMS V1.7.1 via an editfile action in save.php. | 3.5 |