AvaterXXX/ZZCMS

AvaterXXX/ZZCMS

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-14961 ↗	Aug 6, 2018Monday, 6 August 2018, 15:29	—	5 MEDIUM
dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter.
CVE-2018-14962 ↗	Aug 6, 2018Monday, 6 August 2018, 15:29	—	3.5 LOW
zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php.
CVE-2018-14963 ↗	Aug 6, 2018Monday, 6 August 2018, 15:29	—	6.8 MEDIUM
zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI.