CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12358

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://github.com/cby234/zzcms/issues/5
https://github.com/cby234/zzcms/issues/5

Products affected by CVE-2019-12358

Zzcms » Zzcms » Version: 2019

cpe:2.3:a:zzcms:zzcms:2019

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12358

Products

Pricing

Contact Us