CVE-2025-14836

Medium CVSS: 5.1

A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_save.php of the component User Data Storage Module. This manipulation causes cleartext storage in a file or on disk. Remote exploitation of the attack is possible. The exploit has been published and may be used.

Vendor

Zzcms

Product

Zzcms

CWE

CWE-312

Yayın Tarihi

2025-12-17 23:15:56

Güncelleme

2025-12-30 18:26:55

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-312 Zzcms MEDIUM Zzcms 2025

Referanslar

https://note-hxlab.wetolink.com/share/bu2KYevoyBm6 https://vuldb.com/?ctiid.336986 https://vuldb.com/?id.336986 https://vuldb.com/?submit.711654 https://note-hxlab.wetolink.com/share/bu2KYevoyBm6

Benzer Kayıtlar

Medium

CVE-2025-14837

A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/sitecon…

Medium

CVE-2025-13171

A vulnerability was identified in ZZCMS 2023. This impacts an unknown function of the file /admin/wangkan_list.php. Such…

Medium

CVE-2025-1949

A vulnerability, which was classified as problematic, has been found in ZZCMS 2025. This issue affects some unknown proc…

Critical

CVE-2025-22957

A SQL injection vulnerability exists in the front-end of the website in ZZCMS

Medium

CVE-2025-0565

A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functiona…