📦 Zenario

This SQL injection vulnerability in Zenario CMS allows remote attackers to execute arbitrary SQL commands through the ID parameter in the plugin deletion module. Attackers can potentially access, modi...

Zenario CMS 9.0.54156 has an unrestricted file upload vulnerability that allows attackers to upload malicious files like web shells. This enables remote code execution, potentially compromising the en...

CVE-2022-23043 is an unrestricted file upload vulnerability in Zenario CMS that allows authenticated admin users to bypass file upload restrictions by creating a '.phar' MIME type and uploading malici...

Zenario CMS version 9.7.61188 allows authenticated admin users to upload PDF files containing malicious JavaScript code. When these PDFs are accessed through the website, they can execute cross-site s...

Zenario 9.7.61188 contains a reflected cross-site scripting (XSS) vulnerability in the Image library's 'Organizer tags' field. This allows attackers to inject malicious scripts that execute in victims...