zzcms 2018 admin/dl_data.php filename path traversal

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in zzcms 2018 (Content Management System). Affected is an unknown functionality of the file admin/dl_data.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
874560805/11/2020VulD...discoverydate151545600005/11/2020accepted100
874565802/18/2019VulD...cvss3_nvd_basescore7.5nist.gov02/18/2019accepted90
874565702/18/2019VulD...0day_days40402/18/2019accepted90
874565602/18/2019VulD...cvss3_vuldb_rcX02/18/2019accepted90
874565502/18/2019VulD...cvss3_vuldb_rlX02/18/2019accepted90
874565402/18/2019VulD...cvss3_vuldb_eX02/18/2019accepted90
874565302/18/2019VulD...cvss2_vuldb_rcND02/18/2019accepted90
874565202/18/2019VulD...cvss2_vuldb_rlND02/18/2019accepted90
874565102/18/2019VulD...cvss2_vuldb_eND02/18/2019accepted90
874565002/18/2019VulD...cve_nvd_summaryadmin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal.mitre.org02/18/2019accepted100
874564902/18/2019VulD...cve_assigned1550361600mitre.org02/18/2019accepted100
874564802/18/2019VulD...cveCVE-2019-8411mitre.org02/18/2019accepted100
874564702/18/2019VulD...price_0day$0-$5ksee documentation02/18/2019accepted100
874564602/18/2019VulD...date1550361600 (02/17/2019)02/18/2019accepted100
874564502/18/2019VulD...cvss3_nvd_aNnist.gov02/18/2019accepted100
874564402/18/2019VulD...cvss3_nvd_iHnist.gov02/18/2019accepted100
874564302/18/2019VulD...cvss3_nvd_cNnist.gov02/18/2019accepted100
874564202/18/2019VulD...cvss3_nvd_sUnist.gov02/18/2019accepted100
874564102/18/2019VulD...cvss3_nvd_uiNnist.gov02/18/2019accepted100
874564002/18/2019VulD...cvss3_nvd_prNnist.gov02/18/2019accepted100

Do you know our Splunk app?

Download it now for free!