There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the filetext parameter.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.iwantacve.cn/index.php/archives/119/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-26T07:00:00
Updated: 2024-08-04T21:38:46.590Z
Reserved: 2019-02-26T00:00:00
Link: CVE-2019-9182
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-02-26T07:29:00.527
Modified: 2024-11-21T04:51:09.400
Link: CVE-2019-9182
Redhat
No data.