CVE-2022-40443

Name of the Vulnerable Software and Affected Versions ZZCMS version 2022

Description An absolute path traversal issue allows attackers to obtain sensitive information via a crafted GET request sent to "/one/siteinfo.php".

Recommendations For ZZCMS version 2022, as a temporary workaround, consider restricting access to the "/one/siteinfo.php" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.