Aas9 : Security Vulnerabilities, CVEs, Published In 2014
Cross-site scripting (XSS) vulnerability in zero_user_account.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the Full Name field.
Max CVSS
4.3
EPSS Score
0.23%
Published
2014-07-29
Updated
2015-08-28
Cross-site scripting (XSS) vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the article_id parameter.
Max CVSS
4.3
EPSS Score
0.23%
Published
2014-07-03
Updated
2014-07-09
SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action.
Max CVSS
7.5
EPSS Score
0.12%
Published
2014-07-09
Updated
2015-09-02
SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
Max CVSS
7.5
EPSS Score
0.28%
Published
2014-06-11
Updated
2017-08-29
4 vulnerabilities found