zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing them in the keys parameter of a ?location=search URI, as demonstrated by an OS command within an "if" "end if" block.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-05-11T22:25:03
Updated: 2024-08-03T23:25:30.538Z
Reserved: 2021-05-11T00:00:00
Link: CVE-2021-32605
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-05-11T23:15:08.977
Modified: 2024-11-21T06:07:21.747
Link: CVE-2021-32605
Redhat
No data.