CVEs-PoC/2018/CVE-2018-8966.md at 2ef066380cb36dba2e454190ca2349fcff6ca2df

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-21 17:16:51 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

760 B

Raw Blame History

CVE-2018-8966

Description

An issue was discovered in zzcms 8.2. It allows PHP code injection via the siteurl parameter to install/index.php, as demonstrated by injecting a phpinfo() call into /inc/config.php.

POC

Reference

https://github.com/Ni9htMar3/vulnerability/blob/master/zzcms_8.2/install.md

Github

https://github.com/20142995/nuclei-templates
https://github.com/cyb3r-w0lf/nuclei-template-collection

760 B Raw Blame History

CVE-2018-8966

Description

POC

Reference

Github

760 B

Raw Blame History