CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12356

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://github.com/cby234/zzcms/issues/5
https://github.com/cby234/zzcms/issues/5

Products affected by CVE-2019-12356

Zzcms » Zzcms » Version: 2019

cpe:2.3:a:zzcms:zzcms:2019

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12356

Products

Pricing

Contact Us