CVE-2021-40279: SQL Injection
First published: Thu Dec 09 2021(Updated: )
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zzcms Zzcms | =8.2 | |
| Zzcms Zzcms | =8.3 | |
| Zzcms Zzcms | =2020 | |
| Zzcms Zzcms | =2021 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this zzcms vulnerability?
The vulnerability ID for this zzcms vulnerability is CVE-2021-40279.
What software versions are affected by this vulnerability?
This vulnerability affects zzcms versions 8.2, 8.3, 2020, and 2021.
What is the severity of CVE-2021-40279?
The severity of CVE-2021-40279 is high with a CVSS score of 7.2.
How does the vulnerability in zzcms 8.2, 8.3, 2020, and 2021 occur?
The vulnerability in zzcms 8.2, 8.3, 2020, and 2021 occurs due to an SQL Injection vulnerability in the 'id' parameter in admin/bad.php.
How can I fix the SQL Injection vulnerability in zzcms 8.2, 8.3, 2020, and 2021?
To fix the SQL Injection vulnerability in zzcms 8.2, 8.3, 2020, and 2021, it is recommended to update to the latest version of zzcms or apply the appropriate security patches.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/event
- agent/author
- agent/severity
- agent/first-publish-date
- agent/tags
- agent/type
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/zzcms
- canonical/zzcms zzcms
- version/zzcms zzcms/8.2
- version/zzcms zzcms/8.3
- version/zzcms zzcms/2020
- version/zzcms zzcms/2021