Known Vulnerabilities for products from Zzcms

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Zzcms".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2020-35973 An issue was discovered in zzcms2020. There is a XSS vulnerability that can insert and execute JS code arbitrarily via /user/... 5.4 - MEDIUM 2021-06-03 2021-06-09
CVE-2020-23630 A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection). 8.8 - HIGH 2021-01-11 2021-01-14
CVE-2020-23426 zzcms 201910 contains an access control vulnerability through escalation of privileges in /user/adv.php, which allows an atta... 9.8 - CRITICAL 2021-04-08 2021-04-14
CVE-2020-21342 Insecure permissions issue in zzcms 201910 via the reset any user password in /one/getpassword.php. 7.5 - HIGH 2021-05-13 2021-06-02
CVE-2020-20285 There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php 5.4 - MEDIUM 2020-12-18 2020-12-22
CVE-2020-19961 A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data vi... 7.5 - HIGH 2021-10-14 2021-10-19
CVE-2020-19960 A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data vi... 7.5 - HIGH 2021-10-14 2021-10-19
CVE-2020-19959 A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data vi... 7.5 - HIGH 2021-10-14 2021-10-19
CVE-2020-19957 A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data vi... 7.5 - HIGH 2021-10-14 2021-10-19
CVE-2020-19822 A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows attackers to execute arbitrary ... 7.2 - HIGH 2021-08-26 2021-09-01
CVE-2019-1010153 zzcms 8.3 and earlier is affected by: SQL Injection. The impact is: sql inject. The component is: zs/subzs.php. 9.8 - CRITICAL 2019-07-23 2019-07-24
CVE-2019-1010152 zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The component is: user/manage.p... 9.8 - CRITICAL 2019-07-23 2021-07-21
CVE-2019-1010151 zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. The impact is: getshell. The component is: /user/ppsave... 9.8 - CRITICAL 2019-07-19 2020-08-24
CVE-2019-1010150 zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The component is: /user/zssave.... 9.8 - CRITICAL 2019-07-23 2021-07-21
CVE-2019-1010149 zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms File Delete to Code Executi... 9.8 - CRITICAL 2019-07-23 2021-07-21
CVE-2019-1010148 zzcms version 8.3 and earlier is affected by: SQL Injection. The impact is: zzcms File Delete to Code Execution. 9.8 - CRITICAL 2019-07-23 2019-07-24
CVE-2019-12348 An issue was discovered in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter. 9.8 - CRITICAL 2021-05-24 2021-05-27
CVE-2019-9078 zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case st... 5.4 - MEDIUM 2019-02-24 2019-02-25
CVE-2019-8411 admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ di... 7.5 - HIGH 2019-02-17 2019-02-19
CVE-2018-1000653 zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacke... 9.8 - CRITICAL 2018-08-20 2018-10-12
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Zzcms

Type Vendor Product Version
ApplicationZzcmsZzcms2.0
ApplicationZzcmsZzmcms8.3

Popular searches for "Zzcms"

zzcms,招商网cms,专业做招商网,zzcms专业做招商网的程序源码

www.zzcms.net

R Nzzcms,cms,zzcms zcms & ,cms

XM (file format) PHP MySQL Unix UTF-8 Software testing Test (Unix) .cn .com B Unix-like Al (folklore) UEFA Euro 2020 Test (assessment) Statistical hypothesis testing 2020 United States presidential election Test (biology) 2020 NHL Entry Draft Phonograph record MySQL AB

zzcms专业做招商网的程序源码

3158.zzcms.net

&zzcms zcms

Chinese characters Zhejiang Hebei Tianjin Shanghai Pinyin Radical 144 Tencent QQ Goat (zodiac) Oku (surname) Beijing 9 List of Latin-script digraphs L V Asteroid family Dental, alveolar and postalveolar lateral approximants 5 8888 (Philippines) Volt

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].