CVE-2021-45347
Published
CVSS v3
7.5
HIGH
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password.
zzcms,站长招商网cms,适用于招商代理型的行业网站,可用于医药招商网站程序源码,服装招商网站程序源码,化妆品招商网站的程序源码等。目前forget-code项目缓存了v7.0~2019的版本,官网最新版下载地址:http://www.zzcms.net/about/6.htm
GitHub