Zzzcms Zzzcms

  1. Vendors
  2. Zzzcms

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Zzzcms product.

RSS Feeds for Zzzcms security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Zzzcms products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Zzzcms Sorted by Most Security Vulnerabilities since 2018

Zzzcms Zzzphp11 vulnerabilities

Zzzcms6 vulnerabilities

By the Year

In 2026 there have been 0 vulnerabilities in Zzzcms. Zzzcms did not have any published security vulnerabilities last year.




Year Vulnerabilities Average Score
2026 0 0.00
2025 0 0.00
2024 0 0.00
2023 5 7.58
2022 1 9.80
2021 3 9.80
2020 1 9.80
2019 7 8.98

It may take a day or so for new Zzzcms vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Zzzcms Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2023-45554 Oct 25, 2023
Remote Code Exec via File Upload in zzzCMS 2.1.9 (imageext) File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp.
Zzzcms
CVE-2023-45555 Oct 25, 2023
zzzCMS 2.1.9 File Upload RCE via down_url in zzz.php File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in zzz.php file.
Zzzcms
CVE-2023-45909 Oct 18, 2023
zZzCMS v2.2.0 Open Redirect (before 2.2.0) zzzcms v2.2.0 was discovered to contain an open redirect vulnerability.
Zzzphp
CVE-2023-5582 Oct 14, 2023
ZZZCMS 2.2.0 XSS in Personal Profile Page A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue affects some unknown processing of the component Personal Profile Page. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-242147.
Zzzcms
CVE-2023-5263 Sep 29, 2023
ZZZCMS 2.1.7: Restore() in /admin/save.php Remote Permission Bypass (CRIT) A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240872.
Zzzcms
CVE-2022-23881 Mar 23, 2022
ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via danger_key() at zzz_template.php.
Zzzphp
CVE-2020-19682 Dec 09, 2021
A Cross Site Request Forgery (CSRF) vulnerability exits in ZZZCMS V1.7.1 A Cross Site Request Forgery (CSRF) vulnerability exits in ZZZCMS V1.7.1 via the save_user funciton in save.php.
Zzzcms
CVE-2020-19683 Dec 09, 2021
A Cross Site Scripting (XSS) exists in ZZZCMS V1.7.1 A Cross Site Scripting (XSS) exists in ZZZCMS V1.7.1 via an editfile action in save.php.
Zzzcms
CVE-2021-32605 May 11, 2021
zzzcms zzzphp before 2.0.4 zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=search URI, as demonstrated by an OS command within an "if" "end if" block.
Zzzphp
CVE-2020-20298 Dec 18, 2020
Eval injection vulnerability in the parserCommom method in the ParserTemplate class in zzz_template.php in zzzphp 1.7.2 Eval injection vulnerability in the parserCommom method in the ParserTemplate class in zzz_template.php in zzzphp 1.7.2 allows remote attackers to execute arbitrary commands.
Zzzphp
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.