Vulnerability CVE-2018-14961


Published: 2018-08-06

Description:
dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

Vendor: Zzcms
Product: Zzcms 
Version: 8.3;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
https://blog.csdn.net/weixin_42813492/article/details/81240523
https://github.com/AvaterXXX/ZZCMS/blob/master/README.md

Related CVE
CVE-2018-17416
A SQL injection vulnerability exists in zzcms v8.3 via the /admin/adclass.php bigclassid parameter.
CVE-2018-17415
zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter.
CVE-2018-17414
zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter.
CVE-2018-17413
XSS exists in zzcms v8.3 via the /uploadimg_form.php noshuiyin parameter.
CVE-2018-17412
zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header.
CVE-2019-9078
zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT.
CVE-2019-8411
admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal.
CVE-2018-18792
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie.

Copyright 2019, cxsecurity.com

 

Back to Top