← back
CVE-2019-9041

CVE-2019-9041

EPSS 31.4%
An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/46454/unverifiedexploitdbwww.exploit-db.com/exploits/46454unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/46454/http://www.iwantacve.cn/index.php/archives/118/