Search Results | AttackerKB

Show filters

Topics 3 Users 9,708

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2020-23630

Disclosure Date: January 11, 2021 (last updated February 22, 2025)

A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).

Attack Vector: Network Privileges: Low User Interaction: None

1

Attacker Value

Unknown

CVE-2020-21342

Disclosure Date: May 13, 2021 (last updated February 22, 2025)

Insecure permissions issue in zzcms 201910 via the reset any user password in /one/getpassword.php.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-23426

Disclosure Date: April 08, 2021 (last updated February 22, 2025)

zzcms 201910 contains an access control vulnerability through escalation of privileges in /user/adv.php, which allows an attacker to modify data for further attacks such as CSRF.

Attack Vector: Network Privileges: None User Interaction: None

0