CVE-2024-10291 [CRITICAL] :

A vulnerability has been found in ZZCMS 2023 and classified as critical. This vulnerability affects the function Ebak_DoExecSQL/Ebak_DotranExecutSQL of the file 3/Ebak5.1/upload/phome.php. The manipulation of the argument phome leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Microsoft Bug Bounty Program

bugbounty

Microsoft offers cash awards for finding and reporting certain types of vulnerabilities and exploitation techniques.

Visit Website

Listed: Fri Nov 10 2023