Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE).
AnalysisAI
Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE). Affected products include: Tribalsystems Zenario.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin
Cross-Site Request Forgery (CSRF) vulnerability was discovered in the 8.3 version of Zenario Content Management System v
Zenario CMS 9.2 allows an authenticated admin user to bypass the file upload restriction by creating a new 'File/MIME Ty
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a
A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS 9.3.57595. Rated medi
Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via svg,Users & Contacts. Rated medium severity (CVSS
Zenario CMS 9.3.57186 is is vulnerable to Cross Site Scripting (XSS) via profile. Rated medium severity (CVSS 5.4), this
Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via News articles. Rated medium severity (CVSS 5.4), t
Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via the Nest library module. Rated medium severity (CV
SQL Injection in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers t
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today