CVE-2022-27128 - OpenCVE

An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to arbitrarily add administrator accounts.

No CVSS v3.0

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors	Products
Zbzcms	Zbzcms

Configuration 1 [-]

cpe:2.3:a:zbzcms:zbzcms:1.0:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/wu610777031/My_CMSHunter/blob/main/zbzcms%20v1.0%20vulnerabilities.pdf	Broken Link

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-04-10T20:24:08

Updated: 2022-04-10T20:24:08

Reserved: 2022-03-14T00:00:00

Link: CVE-2022-27128

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-04-10T21:15:08.120

Modified: 2023-08-08T14:22:24.967

Link: CVE-2022-27128

JSON object: View

Redhat Information

No data.

CWE