CVE-2025-13171

Medium CVSS: 5.3

A vulnerability was identified in ZZCMS 2023. This impacts an unknown function of the file /admin/wangkan_list.php. Such manipulation of the argument keyword leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.

Vendor

Zzcms

Product

Zzcms

CWE

CWE-74

Yayın Tarihi

2025-11-14 18:15:45

Güncelleme

2025-12-19 17:02:33

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Zzcms MEDIUM Zzcms 2025

Referanslar

https://github.com/En0t5/vul/blob/main/zzcms/zzcms-sql-inject2.md https://github.com/En0t5/vul/blob/main/zzcms/zzcms-sql-inject2.md#poc https://vuldb.com/?ctiid.332463 https://vuldb.com/?id.332463 https://vuldb.com/?submit.684765

Benzer Kayıtlar

Medium

CVE-2025-14837

A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/sitecon…

Medium

CVE-2025-14836

A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_sa…

Medium

CVE-2025-1949

A vulnerability, which was classified as problematic, has been found in ZZCMS 2025. This issue affects some unknown proc…

Critical

CVE-2025-22957

A SQL injection vulnerability exists in the front-end of the website in ZZCMS

Medium

CVE-2025-0565

A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functiona…