File Upload Vulnerability in ZZCMS 2023 by ZZQ66
CVE-2023-50104

9.8CRITICAL

Key Information:

Vendor: Zzcms
Status: Zzcms
Vendor: CVE Published:; 28 December 2023

What is CVE-2023-50104?

ZZCMS 2023 contains a critical file upload vulnerability located in index.php within the 3/E_bak5.1/upload directory. This security flaw allows attackers to exploit the system, potentially gaining unauthorized server privileges and executing arbitrary code. Proper validation and handling of file uploads are essential to mitigate this risk and protect sensitive server operations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/zzq66/cve4

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 28, 2023
Vulnerability Reserved
Dec 4, 2023

JSON

Zzcms

What is CVE-2023-50104?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.