CVE-2025-22957

Critical CVSS: 9.8

A SQL injection vulnerability exists in the front-end of the website in ZZCMS <= 2023, which can be exploited without any authentication. This vulnerability could potentially allow attackers to gain unauthorized access to the database and extract sensitive information.

Vendor

Zzcms

Product

Zzcms

CWE

CWE-89

Yayın Tarihi

2025-01-31 17:15:16

Güncelleme

2025-04-22 15:37:40

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-89 Zzcms CRITICAL Zzcms 2025

Referanslar

http://www.zzcms.net/ https://github.com/youyouiooi/vulnerability-reports/blob/main/CVE-2025-22957/REANDE.md

Benzer Kayıtlar

Medium

CVE-2025-14837

A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/sitecon…

Medium

CVE-2025-14836

A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_sa…

Medium

CVE-2025-13171

A vulnerability was identified in ZZCMS 2023. This impacts an unknown function of the file /admin/wangkan_list.php. Such…

Medium

CVE-2025-1949

A vulnerability, which was classified as problematic, has been found in ZZCMS 2025. This issue affects some unknown proc…

Medium

CVE-2025-0565

A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functiona…