CVE-2018-17798 – An issue was discovered in zzcms 8.3. user/ztconfig.php allows remote attackers to delete …

30 September 2018

Vuln ID: CVE-2018-17798 (zzcms)

Published: 2018-09-30 20:29:00Z

Description: An issue was discovered in zzcms 8.3. user/ztconfig.php allows remote attackers to delete arbitrary files via an absolute pathname in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.

Source: NVD.NIST.GOV

Date:

30 September 2018

Categorie(s):

NVD

Tag(s):

NVD

Four trends to top the CISO’s packed agenda26 April 2024
Microsoft Publicly Releases MS-DOS 4.0 Source Code26 April 2024
New SSLoad Malware Combined With Tools Hijacking Entire Network Domain26 April 2024
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites26 April 2024
Top 5 MSP Cyberattacks in 2023/202426 April 2024