CVE-2024-10291

Published: Oct 23, 2024
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-10291" target="_blank" rel="noopener"> CVE-2024-10291
Severity: Critical
Exploit:

A vulnerability has been found in ZZCMS 2023 and classified as critical. This vulnerability affects the function Ebak_DoExecSQL/Ebak_DotranExecutSQL of the file 3/Ebak5.1/upload/phome.php. The manipulation of the argument phome leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.