A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an unknown part of the file app/plug/controller/giftcontroller.php. The manipulation of the argument mylike leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250839.
References
Link | Resource |
---|---|
https://note.zhaoj.in/share/n3QsNbORUR0e | Broken Link |
https://vuldb.com/?ctiid.250839 | Third Party Advisory |
https://vuldb.com/?id.250839 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2024-01-16T22:00:07.479Z
Updated: 2024-02-09T19:12:16.921Z
Reserved: 2024-01-16T15:41:44.262Z
Link: CVE-2024-0603
JSON object: View
NVD Information
Status : Modified
Published: 2024-01-16T22:15:38.040
Modified: 2024-05-17T02:34:49.017
Link: CVE-2024-0603
JSON object: View
Redhat Information
No data.
CWE