A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters.
CVSS Score
7.2
EPSS Score
0.034
Published
2021-08-26
admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal.
CVSS Score
7.5
EPSS Score
0.012
Published
2019-02-17
Page 2