Security Advisory

CVE-2019-9182

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-02-26 07:00:00

Last updated 2025-12-09 14:41:14

Assigner mitre

State PUBLISHED

Description

There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the filetext parameter.

← Browse all CVEs View on cve.org ↗