Search Results | AttackerKB

Show filters

Topics 117 Users 9,730

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

117 Total Results

Displaying 21-30 of 117

Attacker Value

Unknown

CVE-2022-40443

Disclosure Date: September 22, 2022 (last updated February 24, 2025)

An absolute path traversal vulnerability in ZZCMS 2022 allows attackers to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-35150

Disclosure Date: August 22, 2022 (last updated February 24, 2025)

Baijicms v4 was discovered to contain an arbitrary file upload vulnerability.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12359

Disclosure Date: June 17, 2022 (last updated February 23, 2025)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12358

Disclosure Date: June 17, 2022 (last updated February 23, 2025)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12357

Disclosure Date: June 17, 2022 (last updated February 23, 2025)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12356

Disclosure Date: June 17, 2022 (last updated February 23, 2025)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12355

Disclosure Date: June 17, 2022 (last updated February 23, 2025)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12354

Disclosure Date: June 17, 2022 (last updated February 23, 2025)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12353

Disclosure Date: June 17, 2022 (last updated February 23, 2025)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12352

Disclosure Date: June 17, 2022 (last updated February 23, 2025)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie.

Attack Vector: Network Privileges: Low User Interaction: None

0