CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-1010148
https://notcve.org/view.php?id=CVE-2019-1010148
23 Jul 2019 — zzcms version 8.3 and earlier is affected by: SQL Injection. The impact is: zzcms File Delete to Code Execution. zzcms versión 8.3 y anteriores está afectada por: Inyección SQL. El impacto es: Eliminación de Archivos de zzcms para Ejecución de Código. • https://gist.github.com/Lz1y/acd1bfd0cc0e0f53b8f781840e7bf368 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17413
https://notcve.org/view.php?id=CVE-2018-17413
07 Mar 2019 — XSS exists in zzcms v8.3 via the /uploadimg_form.php noshuiyin parameter. Hay Cross-Site Scripting (XSS) en la versión v8.3 de zzcms mediante el parámetro noshuiyin en /uploadimg_form.php. • https://github.com/seedis/zzcms-xss/blob/master/README.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17414
https://notcve.org/view.php?id=CVE-2018-17414
07 Mar 2019 — zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter. La versión v8.3 de zzcms tiene una inyección SQL en /user/jobmanage.php mediante el parámetro bigclass. • https://github.com/seedis/zzcms/blob/master/SQL%20injection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17412
https://notcve.org/view.php?id=CVE-2018-17412
07 Mar 2019 — zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header. zzcms, en su versión v8.3, contiene una vulnerabilidad de inyección SQL en /user/logincheck.php mediante una cabecera HTTP "X-Forwarded-For". • https://github.com/seedis/zzcms/blob/master/README.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17416
https://notcve.org/view.php?id=CVE-2018-17416
07 Mar 2019 — A SQL injection vulnerability exists in zzcms v8.3 via the /admin/adclass.php bigclassid parameter. Ocurre una vulnerabilidad de inyección SQL en la versión v8.3 de zzcms mediante el parámetro bigclassid en /admin/adclass.php. • https://github.com/seedis/zzcms/blob/master/SQL%20injection%20in%20%20addclass.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17415
https://notcve.org/view.php?id=CVE-2018-17415
07 Mar 2019 — zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter. La versión V8.3 de zzcms tiene una inyección SQL en /user/zs_elite.php mediante el parámetro id. • https://github.com/seedis/zzcms/blob/master/SQL%20injection%20in%20zs_elite.php.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18786
https://notcve.org/view.php?id=CVE-2018-18786
29 Oct 2018 — An issue was discovered in zzcms 8.3. SQL Injection exists in ajax/zs.php via a pxzs cookie. Se ha descubierto un problema en zzcms 8.3. Existe inyección SQL en ajax/zs.php mediante una cookie pxzs. • https://github.com/qiubaoyang/CVEs/blob/master/zzcms/zzcms.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18787
https://notcve.org/view.php?id=CVE-2018-18787
29 Oct 2018 — An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.php via a pxzs cookie. Se ha descubierto un problema en zzcms 8.3. Existe inyección SQL en zs/zs.php mediante una cookie pxzs. • https://github.com/qiubaoyang/CVEs/blob/master/zzcms/zzcms.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18791
https://notcve.org/view.php?id=CVE-2018-18791
29 Oct 2018 — An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie. Se ha descubierto un problema en zzcms 8.3. Existe inyección SQL en zs/search.php mediante una cookie pxzs. • https://github.com/qiubaoyang/CVEs/blob/master/zzcms/zzcms.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18785
https://notcve.org/view.php?id=CVE-2018-18785
29 Oct 2018 — An issue was discovered in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid cookie to zs/search.php. Se ha descubierto un problema en zzcms 8.3. Existe una inyección SQL en zs/subzs.php con una cookie zzcmscpid en zs/search.php. • https://github.com/qiubaoyang/CVEs/blob/master/zzcms/zzcms.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •