CVEDB API

Vulnerabilities

Vulnerable Software

Zzcms: >> Zzcms >> 2019 Security Vulnerabilities

CVE-2019-12353

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.

CVSS Score

7.2

EPSS Score

0.002

Published

2022-06-17

CVE-2019-12354

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter.

CVSS Score

7.2

EPSS Score

0.002

Published

2022-06-17

CVE-2019-12355

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter.

CVSS Score

8.8

EPSS Score

0.003

Published

2022-06-17

CVE-2019-12356

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.

CVSS Score

8.8

EPSS Score

0.003

Published

2022-06-17

CVE-2019-12357

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter.

CVSS Score

7.2

EPSS Score

0.002

Published

2022-06-17

CVE-2019-12358

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie.

CVSS Score

8.8

EPSS Score

0.003

Published

2022-06-17

CVE-2019-12359

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter.

CVSS Score

7.2

EPSS Score

0.002

Published

2022-06-17

CVE-2019-12349

An issue was discovered in zzcms 2019. SQL Injection exists in /admin/dl_sendsms.php via the id parameter.

CVSS Score

9.8

EPSS Score

0.004

Published

2022-06-02

CVE-2019-12350

An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_download.php via an id parameter value with a trailing comma.

CVSS Score

9.8

EPSS Score

0.004

Published

2022-06-02

CVE-2019-12351

An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id parameter value with a trailing comma.

CVSS Score

9.8

EPSS Score

0.004

Published

2022-06-02

Prev Next

Page 2

Vulnerabilities

Vulnerable Software

Zzcms: >> Zzcms >> 2019 Security Vulnerabilities

Products

Pricing

Contact Us