VYPR

thinkphp-zcms

by jorycn

CVEs (2)

  • CVE-2022-28521CriApr 26, 2022
    risk 0.64cvss 9.8epss 0.02

    ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=sp_set_config.

  • CVE-2020-19705CriAug 26, 2021
    risk 0.64cvss 9.8epss 0.01

    thinkphp-zcms as of 20190715 allows SQL injection via index.php?m=home&c=message&a=add.