Zzcms

Zzcms

103 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-8968

Exploit
  • EPSS 0.75%
  • Published 24.03.2018 18:29:00
  • Last modified 21.11.2024 04:14:42

An issue was discovered in zzcms 8.2. user/manage.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg or oldflv parameter in an action=modify request. This can be leveraged for database access by dele...

7.5

CVE-2018-8969

Exploit
  • EPSS 0.75%
  • Published 24.03.2018 18:29:00
  • Last modified 21.11.2024 04:14:42

An issue was discovered in zzcms 8.2. user/licence_save.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting...

5.3

CVE-2018-7434

Exploit
  • EPSS 0.3%
  • Published 24.02.2018 03:29:00
  • Last modified 21.11.2024 04:12:07

zzcms 8.2 allows remote attackers to discover the full path via a direct request to 3/qq_connect2.0/API/class/ErrorCase.class.php or 3/ucenter_api/code/friend.php.