VYPR
Unrated severityNVD Advisory· Published Feb 24, 2019· Updated Aug 4, 2024

CVE-2019-9078

CVE-2019-9078

Description

zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zzcms/Zzcmsinferred2 versions
    = 2019+ 1 more
    • (no CPE)range: = 2019
    • (no CPE)range: = 2019

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.