Zzcms : Security Vulnerabilities, CVEs, (Code Execution) CVSS score >= 5
ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.14%
Published
2023-12-29
Updated
2024-01-05
An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.
Max CVSS
9.8
EPSS Score
0.27%
Published
2023-09-15
Updated
2023-09-20
A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters.
Max CVSS
7.2
EPSS Score
0.40%
Published
2021-08-26
Updated
2022-10-26
3 vulnerabilities found