9.8

CVE-2021-43703

Exploit

An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin.php. After disabling JavaScript, you can directly access the administrator console.

Data is provided by the National Vulnerability Database (NVD)
ZzcmsZzcms Version <= 2019
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.86% 0.741
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
https://github.com/forget-code/zzcms/issues/1
Third Party Advisory
Exploit