Zzcms : Security Vulnerabilities, CVEs, (Code Execution) CVSS score >= 5

CVE-2023-50104

ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.14%
Published
2023-12-29
Updated
2024-01-05

CVE-2023-42398

An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php.
Max CVSS
9.8
EPSS Score
0.27%
Published
2023-09-15
Updated
2023-09-20

CVE-2020-19822

A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters.
Max CVSS
7.2
EPSS Score
0.40%
Published
2021-08-26
Updated
2022-10-26
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close