ZZCMS 2023 eginfo.php phome Bayani fitowa

Hakika vulnerability da aka rarraba a matsayin karshewa an gano a ZZCMS 2023. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil 3/E_bak5.1/upload/eginfo.php, a cikin sashi $software_component. Wuro manipulation of the argument phome with the input ShowPHPInfo ga Bayani fitowa. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-200. Lalle, rauni an sanar da shi 08/19/2024. Ana samun bayanin tsaro don saukewa a gitee.com. Ana kiran wannan rauni da CVE-2024-7925. Ngam yiɗi ka a tuma ndiyam ka nder waya. Bayani na fasaha ga. Kuma, akwai exploit. Exploit ɗin an bayyana wa jama'a, za a iya amfani da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á yí huɗɗi-na-gaskiya. Za a iya samun exploit a gitee.com. 0-day ga, an ndiyam a wuro be $0-$5k. Entry ɗin nan yana da duplicate CVE-2024-44820 da aka haɗa masa. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

4 Goyarwa · 87 Datenpunkte

FurɗeSúgá
08/19/2024 15:49		Gargadi 1/3
08/21/2024 03:20		Gargadi 2/3
09/30/2024 07:48		Gargadi 3/3
09/30/2024 07:51
cvss4_vuldb_uiNNNN
cvss4_vuldb_vcLLLL
cvss4_vuldb_viNNNN
cvss4_vuldb_vaNNNN
cvss4_vuldb_ePPPP
cvss2_vuldb_auSSSS
cvss2_vuldb_rlNDNDNDND
cvss3_vuldb_prLLLL
cvss3_vuldb_rlXXXX
cvss4_vuldb_atNNNN
cvss4_vuldb_prLLLL
cvss4_vuldb_scNNNN
cvss4_vuldb_siNNNN
cvss4_vuldb_saNNNN
cvss2_vuldb_basescore4.04.04.04.0
cvss2_vuldb_tempscore3.43.43.43.4
cvss3_vuldb_basescore4.34.34.34.3
cvss3_vuldb_tempscore3.93.93.93.9
cvss3_meta_basescore4.35.45.45.4
cvss3_meta_tempscore3.95.25.25.2
cvss4_vuldb_bscore5.35.35.35.3
cvss4_vuldb_btscore2.12.12.12.1
advisory_date1724018400 (08/19/2024)1724018400 (08/19/2024)1724018400 (08/19/2024)1724018400 (08/19/2024)
price_0day$0-$5k$0-$5k$0-$5k$0-$5k
software_nameZZCMSZZCMSZZCMSZZCMS
software_version2023202320232023
software_file3/E_bak5.1/upload/eginfo.php3/E_bak5.1/upload/eginfo.php3/E_bak5.1/upload/eginfo.php3/E_bak5.1/upload/eginfo.php
software_argumentphomephomephomephome
input_valueShowPHPInfoShowPHPInfoShowPHPInfoShowPHPInfo
vulnerability_cweCWE-200 (Bayani fitowa)CWE-200 (Bayani fitowa)CWE-200 (Bayani fitowa)CWE-200 (Bayani fitowa)
vulnerability_risk1111
cvss3_vuldb_avNNNN
cvss3_vuldb_acLLLL
cvss3_vuldb_uiNNNN
cvss3_vuldb_sUUUU
cvss3_vuldb_cLLLL
cvss3_vuldb_iNNNN
cvss3_vuldb_aNNNN
cvss3_vuldb_ePPPP
cvss3_vuldb_rcRRRR
advisory_urlhttps://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.mdhttps://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.mdhttps://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.mdhttps://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.md
exploit_availability1111
exploit_publicity1111
exploit_urlhttps://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.mdhttps://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.mdhttps://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.mdhttps://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.md
source_cveCVE-2024-7925CVE-2024-7925CVE-2024-7925CVE-2024-7925
cna_responsibleVulDBVulDBVulDBVulDB
software_typeContent Management SystemContent Management SystemContent Management SystemContent Management System
cvss2_vuldb_avNNNN
cvss2_vuldb_acLLLL
cvss2_vuldb_ciPPPP
cvss2_vuldb_iiNNNN
cvss2_vuldb_aiNNNN
cvss2_vuldb_ePOCPOCPOCPOC
cvss2_vuldb_rcURURURUR
cvss4_vuldb_avNNNN
cvss4_vuldb_acLLLL
cve_nvd_summaryA vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome with the input ShowPHPInfo leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.A vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome with the input ShowPHPInfo leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.A vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome with the input ShowPHPInfo leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
cve_nvd_summaryesUna vulnerabilidad fue encontrada en ZZCMS 2023 y ha sido calificada como problemática. Este problema afecta un procesamiento desconocido del archivo 3/E_bak5.1/upload/eginfo.php. La manipulación del argumento phome con la entrada ShowPHPInfo conduce a la divulgación de información. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse.Una vulnerabilidad fue encontrada en ZZCMS 2023 y ha sido calificada como problemática. Este problema afecta un procesamiento desconocido del archivo 3/E_bak5.1/upload/eginfo.php. La manipulación del argumento phome con la entrada ShowPHPInfo conduce a la divulgación de información. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse.Una vulnerabilidad fue encontrada en ZZCMS 2023 y ha sido calificada como problemática. Este problema afecta un procesamiento desconocido del archivo 3/E_bak5.1/upload/eginfo.php. La manipulación del argumento phome con la entrada ShowPHPInfo conduce a la divulgación de información. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse.
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prNNN
cvss3_nvd_uiNNN
cvss3_nvd_sUUU
cvss3_nvd_cHHH
cvss3_nvd_iNNN
cvss3_nvd_aNNN
cvss3_nvd_basescore7.57.57.5
cvss3_cna_avNNN
cvss3_cna_acLLL
cvss3_cna_prLLL
cvss3_cna_uiNNN
cvss3_cna_sUUU
cvss3_cna_cLLL
cvss3_cna_iNNN
cvss3_cna_aNNN
cvss3_cna_basescore4.34.34.3
cvss2_cna_avNNN
cvss2_cna_acLLL
cvss2_cna_auSSS
cvss2_cna_ciPPP
cvss2_cna_iiNNN
cvss2_cna_aiNNN
cvss2_cna_basescore444
cve_duplicateCVE-2024-44820CVE-2024-44820
source_mischttps://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-44820%20ZZCMS2023%20phpinfo%E6%B3%84%E9%9C%B2.md

GurɗoGumtiGada

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!