.. / CVE-2022-23881

Exploit for ZZZCMS zzzphp 2.1.0 - Remote Code Execution (CVE-2022-23881)

Description:

ZZZCMS zzzphp v2.1.0 is susceptible to a remote command execution vulnerability via danger_key() at zzz_template.php.

Nuclei Template

View the template here CVE-2022-23881.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-23881.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-23881
https://github.com/ARPSyndicate/cvemon
http://www.zzzcms.com
https://github.com/metaStor/Vuls/blob/main/zzzcms/zzzphp%20V2.1.0%20RCE/zzzphp%20V2.1.0%20RCE.md
https://github.com/ARPSyndicate/kenzer-templates