| ଶୀର୍ଷକ | ZZCMS China Merchants Network Content Management System zzcms 2023 Unauthenticated Arbitrary File Read |
|---|
| ବର୍ଣ୍ଣନା | ## Description of the vulnerability
ZZCMS is a set of content management system (CMS) of the ZZCMS team in China.
ZZCMS 2023 has an arbitrary file read vulnerability due to the lack of valid validation of the file path. An issue in unauthorized file /one/siteinfo.php could allow an unauthenticated attacker to perform directory traversal.
## version
2023 (fully open source)
Last updated 2022-11-10
More details are connected below:
https://gitee.com/A0kooo/cve_article/blob/master/zzcms/Directory_traversal2/zzcms%20siteinfo.php%20Directory%20traversal.md |
|---|
| ଉତ୍ସ | ⚠️ https://gitee.com/A0kooo/cve_article/blob/master/zzcms/Directory_traversal2/zzcms%20siteinfo.php%20Directory%20traversal.md |
|---|
| ଉପଭୋକ୍ତା | 0kooo (UID 73212) |
|---|
| ଦାଖଲ | 08/16/2024 02:31 AM (2 ବର୍ଷ ବର୍ଷ ago) |
|---|
| ମଧ୍ୟମ ଧରଣର | 08/19/2024 03:44 PM (4 days later) |
|---|
| ସ୍ଥିତି | ଗ୍ରହଣ କରାଯାଇଛି |
|---|
| VulDB ଏଣ୍ଟ୍ରି | 275112 [ZZCMS 2023 about_edit.php?action=modify skin ଡିରେକ୍ଟୋରୀ ଟ୍ରାଭର୍ସାଲ] |
|---|
| ପଏଣ୍ଟ | 20 |
|---|