CVE-2024-43005

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-43005
A reflected cross-site scripting (XSS) vulnerability in the component dl_liuyan_save.php of ZZCMS v2023 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
CVSS

No CVSS.

References
Link Resource
http://zzcms.net Broken Link
https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-43005%20ZZCMS2023%E5%8F%8D%E5%B0%84%E5%9E%8BXSS2.md Broken Link
Configurations

Configuration 1 (hide)

cpe:2.3:a:zzcms:zzcms:2023:*:*:*:*:*:*:*
History

21 Apr 2025, 14:59

Type Values Removed Values Added
References () http://zzcms.net - () http://zzcms.net - Broken Link
References () https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-43005%20ZZCMS2023%E5%8F%8D%E5%B0%84%E5%9E%8BXSS2.md - () https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-43005%20ZZCMS2023%E5%8F%8D%E5%B0%84%E5%9E%8BXSS2.md - Broken Link
CPE cpe:2.3:a:zzcms:zzcms:2023:*:*:*:*:*:*:*
First Time Zzcms
Zzcms zzcms

16 Aug 2024, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-08-16 20:15

Updated : 2025-04-21 14:59

NVD link : CVE-2024-43005

Mitre link : CVE-2024-43005

JSON object : View

Products Affected

zzcms

  • zzcms
CWE

No CWE.