Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2022-27133
Disclosure Date: April 10, 2022 (last updated October 07, 2023)
zbzcms v1.0 was discovered to contain an arbitrary file deletion vulnerability via /include/up.php.
0
Attacker Value
Unknown
CVE-2022-27131
Disclosure Date: April 10, 2022 (last updated February 23, 2025)
An arbitrary file upload vulnerability at /zbzedit/php/zbz.php in zbzcms v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
0
Attacker Value
Unknown
CVE-2022-27129
Disclosure Date: April 10, 2022 (last updated February 23, 2025)
An arbitrary file upload vulnerability at /admin/ajax.php in zbzcms v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
0
Attacker Value
Unknown
CVE-2022-27128
Disclosure Date: April 10, 2022 (last updated February 23, 2025)
An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to arbitrarily add administrator accounts.
0
Attacker Value
Unknown
CVE-2022-27127
Disclosure Date: April 10, 2022 (last updated February 23, 2025)
zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php/ajax.php.
0
Attacker Value
Unknown
CVE-2022-27126
Disclosure Date: April 10, 2022 (last updated February 23, 2025)
zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the art parameter at /include/make.php.
0
Attacker Value
Unknown
CVE-2022-27125
Disclosure Date: April 10, 2022 (last updated February 23, 2025)
zbzcms v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the neirong parameter at /php/ajax.php.
0
