CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-43005

A reflected cross-site scripting (XSS) vulnerability in the component dl_liuyan_save.php of ZZCMS v2023 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.8%

CVSS Severity

CVSS v3 Score 4.7

References

http://zzcms.net
https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-43005%20ZZCMS2023%E5%8F%8D%E5%B0%84%E5%9E%8BXSS2.md

Products affected by CVE-2024-43005

Zzcms » Zzcms » Version: 2023

cpe:2.3:a:zzcms:zzcms:2023

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-43005

Products

Pricing

Contact Us