← Back

Zeta Producer

zeta-producer

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Zeta Producer
zeta_producer
1 CVE
Zeta Producer Desktop Cms
zeta_producer_desktop_cms
1 CVE

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-13981
1Zeta Producer
1Zeta Producer Desktop Cms
Nov 21, 2024
Jul 16, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmai...Show more
The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related to /assets/php/formmailer/SendEmail.php and /assets/php/formmailer/functions.php.Show less
CVE-2018-13980
1Zeta Producer
1Zeta Producer
Nov 21, 2024
Jul 16, 2018
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php...Show more
The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.Show less