An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to arbitrarily add administrator accounts.
References
Link | Resource |
---|---|
https://github.com/wu610777031/My_CMSHunter/blob/main/zbzcms%20v1.0%20vulnerabilities.pdf | Broken Link |
Configurations
History
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
Information
Published : 2022-04-10 21:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-27128
Mitre link : CVE-2022-27128
CVE.ORG link : CVE-2022-27128
JSON object : View
Products Affected
zbzcms
- zbzcms
CWE