Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php.
References
Link | Resource |
---|---|
http://www.zzcms.net/about/download.html | Product |
https://github.com/779789571/zzcms/blob/main/README.md | |
https://github.com/forget-code/zzcms/issues/6 | Exploit Issue Tracking |
Configurations
History
01 Aug 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php. |
10 Jul 2023, 16:57
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://www.zzcms.net/about/download.html - Product | |
References | (MISC) https://github.com/forget-code/zzcms/issues/6 - Exploit, Issue Tracking | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:a:zzcms:zzcms:2023:*:*:*:*:*:*:* | |
CWE | CWE-352 |
03 Jul 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-03 21:15
Updated : 2024-02-04 23:37
NVD link : CVE-2023-36162
Mitre link : CVE-2023-36162
CVE.ORG link : CVE-2023-36162
JSON object : View
Products Affected
zzcms
- zzcms
CWE
CWE-352
Cross-Site Request Forgery (CSRF)