qiubaoyang

9 exploits Active since Oct 2018
CVE-2018-18784 WRITEUP HIGH WRITEUP
zzcms 8.3 - Authenticated SQL Injection via tabletag Parameter
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the tabletag parameter. (This needs an admin user login.)
CVSS 7.2
CVE-2018-18785 WRITEUP CRITICAL WRITEUP
zzcms 8.3 - SQL Injection via zzcmscpid Cookie
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid cookie to zs/search.php.
CVSS 9.8
CVE-2018-18786 WRITEUP CRITICAL WRITEUP
zzcms 8.3 - SQL Injection via pxzs Cookie
An issue was discovered in zzcms 8.3. SQL Injection exists in ajax/zs.php via a pxzs cookie.
CVSS 9.8
CVE-2018-18787 WRITEUP CRITICAL WRITEUP
zzcms 8.3 - SQL Injection via pxzs Cookie
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.php via a pxzs cookie.
CVSS 9.8
CVE-2018-18788 WRITEUP HIGH WRITEUP
zzcms 8.3 - Authenticated SQL Injection via tablename Parameter
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.)
CVSS 7.2
CVE-2018-18789 WRITEUP CRITICAL WRITEUP
zzcms 8.3 - SQL Injection via Host HTTP Header
An issue was discovered in zzcms 8.3. SQL Injection exists in zt/top.php via a Host HTTP header to zt/news.php.
CVSS 9.8
CVE-2018-18790 WRITEUP HIGH WRITEUP
zzcms 8.3 - Authenticated SQL Injection via zxbigclassid Cookie
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)
CVSS 7.2
CVE-2018-18791 WRITEUP CRITICAL WRITEUP
zzcms 8.3 - SQL Injection via pxzs Cookie
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie.
CVSS 9.8
CVE-2018-18792 WRITEUP CRITICAL WRITEUP
zzcms 8.3 - SQL Injection via pxzs Cookie
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie.
CVSS 9.8