PT-2022-16309 · Unknown · Zzzcms Zzzphp
Published
2022-03-23
·
Updated
2023-08-08
·
CVE-2022-23881
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ZZZCMS zzzphp version 2.1.0
Description
A remote command execution issue was discovered in ZZZCMS zzzphp, allowing for potential exploitation via the
danger key() function at zzz template.php.Recommendations
For ZZZCMS zzzphp version 2.1.0, consider disabling the
danger key() function at zzz template.php as a temporary workaround until a patch is available.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Zzzcms Zzzphp