Show filters
117 Total Results
Displaying 41-50 of 117
Sort by:
Attacker Value
Unknown
CVE-2021-45286
Disclosure Date: February 09, 2022 (last updated February 23, 2025)
Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2) bottom.php, and 3) top_index.php.
0
Attacker Value
Unknown
CVE-2021-42945
Disclosure Date: December 15, 2021 (last updated February 23, 2025)
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask.php.
0
Attacker Value
Unknown
CVE-2020-19042
Disclosure Date: December 13, 2021 (last updated February 23, 2025)
Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php.
0
Attacker Value
Unknown
CVE-2021-40282
Disclosure Date: December 09, 2021 (last updated February 23, 2025)
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php. when registering ordinary users.
0
Attacker Value
Unknown
CVE-2021-40281
Disclosure Date: December 09, 2021 (last updated February 23, 2025)
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users.
0
Attacker Value
Unknown
CVE-2021-40280
Disclosure Date: December 09, 2021 (last updated February 23, 2025)
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php.
0
Attacker Value
Unknown
CVE-2021-40279
Disclosure Date: December 09, 2021 (last updated February 23, 2025)
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php.
0
Attacker Value
Unknown
CVE-2020-19960
Disclosure Date: October 14, 2021 (last updated February 23, 2025)
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page cookie.
0
Attacker Value
Unknown
CVE-2020-19961
Disclosure Date: October 14, 2021 (last updated February 23, 2025)
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the component subzs.php.
0
Attacker Value
Unknown
CVE-2020-19959
Disclosure Date: October 14, 2021 (last updated February 23, 2025)
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie.
0
