Shodan
Vulnerabilities
Vulnerable Software
Zzcms:  >> Zzcms  Security Vulnerabilities
CVE-2020-19042
Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via a modify action in user/adv.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-12-13
CVE-2021-43703
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin.php. After disabling JavaScript, you can directly access the administrator console.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-12-09
CVE-2021-40281
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-12-09
CVE-2021-40282
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php. when registering ordinary users.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-12-09
CVE-2021-40279
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2021-12-09
CVE-2021-40280
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2021-12-09
CVE-2020-19957
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the id parameter on the /dl/dl_print.php page.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-10-14
CVE-2020-19959
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-10-14
CVE-2020-19960
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page cookie.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-10-14
CVE-2020-19961
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the component subzs.php.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-10-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved