Wzone
by Aa Team
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-33546 | Cri | 0.62 | 9.6 | 0.01 | Apr 29, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10. | ||
| CVE-2024-33544 | Cri | 0.60 | 9.3 | 0.01 | Apr 29, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10. | ||
| CVE-2026-27040 | Hig | 0.57 | 8.8 | 0.00 | Mar 25, 2026 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through <= 14.0.31. | ||
| CVE-2024-33549 | Hig | 0.57 | 8.8 | 0.01 | May 17, 2024 | Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation.This issue affects WZone: from n/a through 14.0.10. | ||
| CVE-2026-27039 | Hig | 0.55 | 8.5 | 0.00 | Mar 25, 2026 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through <= 14.0.31. | ||
| CVE-2024-33548 | Hig | 0.46 | 7.1 | 0.00 | Apr 29, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10. | ||
| CVE-2026-25473 | Med | 0.35 | 5.4 | 0.00 | Feb 19, 2026 | Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WZone: from n/a through <= 14.0.31. | ||
| CVE-2024-33545 | 0.00 | — | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10. | |||
| CVE-2024-33547 | 0.00 | — | 0.00 | Jun 9, 2024 | Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10. |
- risk 0.62cvss 9.6epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
- risk 0.60cvss 9.3epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
- risk 0.57cvss 8.8epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through <= 14.0.31.
- risk 0.57cvss 8.8epss 0.01
Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation.This issue affects WZone: from n/a through 14.0.10.
- risk 0.55cvss 8.5epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through <= 14.0.31.
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10.
- risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WZone: from n/a through <= 14.0.31.
- CVE-2024-33545Jun 9, 2024risk 0.00cvss —epss 0.00
Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10.
- CVE-2024-33547Jun 9, 2024risk 0.00cvss —epss 0.00
Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10.