Skip to main content

Zzzcms

4 CVEs product

Monthly

CVE-2023-45555 HIGH POC This Week

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload PHP Zzzcms
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-45554 CRITICAL POC Act Now

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Zzzcms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-5582 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zzzcms
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-5263 HIGH POC This Week

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Zzzcms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
EPSS 1% CVSS 7.8
HIGH POC This Week

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload PHP +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Zzzcms
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zzzcms
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH POC This Week

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Zzzcms
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy