CVE-2023-5263

Published: Sep 29, 2023Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240872.

Affected (1)

Products: Zzzcms: Zzzcms

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Zzzcms Zzzcms	Version 2.1.7

Related CWEs

References (6)

https://github.com/yhy217/zzzcms-vul/issues/1

Source: cna@vuldb.com

ExploitIssue TrackingThird Party Advisory

https://vuldb.com/?ctiid.240872

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.240872

Source: cna@vuldb.com

Third Party Advisory

https://github.com/yhy217/zzzcms-vul/issues/1

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://vuldb.com/?ctiid.240872

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.240872

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.