Show filters
22 Total Results
Displaying 1-10 of 22
Sort by:
Attacker Value
Unknown

CVE-2020-23630

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
Attack Vector: NetworkPrivileges: LowUser Interaction: None
1
1
Attacker Value
Unknown

CVE-2019-12359

Disclosure Date: June 17, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-12358

Disclosure Date: June 17, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-12357

Disclosure Date: June 17, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-12356

Disclosure Date: June 17, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-12355

Disclosure Date: June 17, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-12354

Disclosure Date: June 17, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-12353

Disclosure Date: June 17, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-12352

Disclosure Date: June 17, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-12351

Disclosure Date: June 02, 2022 (last updated October 07, 2023)
An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id parameter value with a trailing comma.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >