CVE-2023-36162: CSRF
First published: Mon Jul 03 2023(Updated: )
Cross Site Request Forgery vulnerability in ZZCMS v.2023 and earlier allows a remote attacker to gain privileges via the add function in adminlist.php.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zzcms Zzcms | =2023 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this ZZCMS vulnerability?
The vulnerability ID of this ZZCMS vulnerability is CVE-2023-36162.
What is the severity level of CVE-2023-36162?
The severity level of CVE-2023-36162 is high, with a CVSS score of 8.8.
What is the affected software version of CVE-2023-36162?
ZZCMS version 2023 and earlier are affected by CVE-2023-36162.
How does CVE-2023-36162 work?
CVE-2023-36162 is a Cross Site Request Forgery vulnerability that allows a remote attacker to gain privileges by exploiting the add function in adminlist.php.
How can I fix CVE-2023-36162 in ZZCMS?
To fix CVE-2023-36162 in ZZCMS, it is recommended to update to a patched version of ZZCMS or apply any available security patches.
- collector/nvd-index
- agent/author
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/event
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- vendor/zzcms
- canonical/zzcms zzcms
- version/zzcms zzcms/2023