zzq66

3 exploits Active since Dec 2023
CVE-2023-50104 WRITEUP CRITICAL WRITEUP
ZZCMS 2023 - Unrestricted File Upload in E_bak5.1 Upload Endpoint
ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code.
CVSS 9.8
CVE-2024-29514 WRITEUP HIGH WRITEUP
leptoncms 7.1.0 - Authenticated Remote Code Execution via PHP File Upload
File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS 8.8
CVE-2024-29515 WRITEUP HIGH WRITEUP
leptoncms 7.1.0 - Authenticated Arbitrary File Upload via save.php and config.php
File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file to the save.php and config.php component.
CVSS 8.8