CVE-2023-5263: ZZZCMS Database Backup File save.php restore permission
First published: Fri Sep 29 2023(Updated: )
A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240872.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zzzcms Zzzcms | =2.1.7 | |
| =2.1.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-5263?
The severity of CVE-2023-5263 is classified as high with a score of 8.8.
What is affected by CVE-2023-5263?
The function restore of the file /admin/save.php of the component Database Backup File Handler in ZZZCMS 2.1.7 is affected by CVE-2023-5263.
How can CVE-2023-5263 be exploited?
CVE-2023-5263 can be exploited remotely.
Is there a fix available for CVE-2023-5263?
At the moment, there is no known fix available for CVE-2023-5263. It is recommended to follow the provided references for any updates or patches.
What is the Common Weakness Enumeration (CWE) ID for CVE-2023-5263?
The Common Weakness Enumeration (CWE) ID for CVE-2023-5263 is 275.
- collector/nvd-index
- agent/author
- agent/type
- agent/weakness
- agent/references
- agent/description
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/severity
- agent/event
- agent/first-publish-date
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/zzzcms
- canonical/zzzcms zzzcms
- version/zzzcms zzzcms/2.1.7