Search Results | AttackerKB

Show filters

Topics 112 Users 9,711

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

112 Total Results

Displaying 31-40 of 112

Attacker Value

Unknown

CVE-2019-12355

Disclosure Date: June 17, 2022 (last updated October 07, 2023)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12354

Disclosure Date: June 17, 2022 (last updated October 07, 2023)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12353

Disclosure Date: June 17, 2022 (last updated October 07, 2023)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12352

Disclosure Date: June 17, 2022 (last updated October 07, 2023)

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12351

Disclosure Date: June 02, 2022 (last updated October 07, 2023)

An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id parameter value with a trailing comma.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12350

Disclosure Date: June 02, 2022 (last updated October 07, 2023)

An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_download.php via an id parameter value with a trailing comma.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-12349

Disclosure Date: June 02, 2022 (last updated October 07, 2023)

An issue was discovered in zzcms 2019. SQL Injection exists in /admin/dl_sendsms.php via the id parameter.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-46437

Disclosure Date: April 08, 2022 (last updated October 07, 2023)

An issue was discovered in ZZCMS 2021. There is a cross-site scripting (XSS) vulnerability in ad_manage.php.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2021-46436

Disclosure Date: April 08, 2022 (last updated October 07, 2023)

An issue was discovered in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2022-23881

Disclosure Date: March 23, 2022 (last updated October 07, 2023)

ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via danger_key() at zzz_template.php.

Attack Vector: Network Privileges: None User Interaction: None

0