Vulnerabilities > Zzzcms > Zzzphp > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-18 | CVE-2023-45909 | Open Redirect vulnerability in Zzzcms Zzzphp 2.2.0 zzzcms v2.2.0 was discovered to contain an open redirect vulnerability. | 6.1 |
| 2019-09-23 | CVE-2019-16720 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzzcms Zzzphp 1.7.2 ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file. | 5.0 |
| 2019-02-26 | CVE-2019-9182 | Cross-Site Request Forgery (CSRF) vulnerability in Zzzcms Zzzphp 1.6.1 There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. | 6.8 |
| 2019-02-23 | CVE-2019-9041 | Code Injection vulnerability in Zzzcms Zzzphp 1.6.1 An issue was discovered in ZZZCMS zzzphp V1.6.1. | 6.5 |