High severity7.5NVD Advisory· Published Sep 2, 2018· Updated Jun 17, 2026

CVE-2018-16344

Description

An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Cumtxujiabin/Cmspocreferences
Zzcms/Zzcmsllm-fuzzy
Range: =8.3

Patches

Vulnerability mechanics

References

github.com/cumtxujiabin/CmsPoc/blob/master/zzcms_8.3_file_del.mdnvdExploitThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000