Approved changes feed: RSS · Atom
cpe:2.3:a:aas9:zerocms:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Aas9 (e9685549-c022-5de4-9f2a-6fb4a0966976) |
|---|---|
| Product | Zerocms (91c4330a-d703-5d62-aa17-bba85d1b5ae1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:code.google/zerocms |
purl2cpe | 2026-06-01 10:18:03.682925 |
pkg:sourceforge/zerocms |
purl2cpe | 2026-06-01 10:18:03.682928 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2015-1442 |
vulnerable | 2026-06-03 14:34:39.486766 |
Details available
SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action. NOTE: The article_id parameter to zero_view_article.php vector is already covered by CVE-2014-4034.
Published: 2015-02-06T15:00:00.000Z
Updated: 2024-08-06T04:40:18.615Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.