Security Advisory

CVE-2024-10291

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-23 15:31:04

Last updated 2024-10-23 18:33:55

Assigner VulDB

State PUBLISHED

Description

A vulnerability has been found in ZZCMS 2023 and classified as critical. This vulnerability affects the function Ebak_DoExecSQL/Ebak_DotranExecutSQL of the file 3/Ebak5.1/upload/phome.php. The manipulation of the argument phome leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

← Browse all CVEs View on cve.org ↗