96xiaopang/Vulnerabilities

Releases0

Vulnerabilities

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-45554 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp.
CVE-2023-45555 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	7.8 HIGH	—
File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file.