VYPR
Unrated severityNVD Advisory· Published Oct 23, 2024· Updated Oct 23, 2024

ZZCMS functions.php Ebak_SetGotoPak unrestricted upload

CVE-2024-10293

Description

A vulnerability was found in ZZCMS 2023. It has been classified as critical. Affected is the function Ebak_SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Affected products

2
  • Zzcms/Zzcmscpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 2023

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.