Cross site request forgery (csrf)

2023-07-0321:15:00

PRIOn knowledge base

www.prio-n.com

cross site request forgery

zzcms

remote attacker

admin privileges

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.6%

JSON

Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php.

CPENameOperatorVersion
zzcmseq2023

CPE	Name	Operator	Version
	zzcms	eq	2023

References

www.zzcms.net/about/download.html

github.com/779789571/zzcms/blob/main/README.md

github.com/forget-code/zzcms/issues/6