zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-08-06
zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-08-06
/user/del.php in zzcms 8.3 allows SQL injection via the tablename parameter after leveraging use of the zzcms_ask table.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-07-03
Page 2