Zzcms

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-13171 MEDIUM POC This Month

A vulnerability was identified in ZZCMS 2023. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Zzcms
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-1949 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in ZZCMS 2025.php of the component URL Handler. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Zzcms
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-22957 CRITICAL POC Act Now

A SQL injection vulnerability exists in the front-end of the website in ZZCMS <= 2023, which can be exploited without any authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass SQLi Zzcms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-0565 MEDIUM POC This Week

A vulnerability was found in ZZCMS 2023. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Zzcms
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-13171
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A vulnerability was identified in ZZCMS 2023. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Zzcms
NVD GitHub VulDB
CVE-2025-1949
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in ZZCMS 2025.php of the component URL Handler. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Zzcms
NVD GitHub VulDB
CVE-2025-22957
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A SQL injection vulnerability exists in the front-end of the website in ZZCMS <= 2023, which can be exploited without any authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass SQLi Zzcms
NVD GitHub
CVE-2025-0565
EPSS 0% CVSS 6.9
MEDIUM POC This Week

A vulnerability was found in ZZCMS 2023. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Zzcms
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy