Aa-Team Wzone vulnerabilities
9 known vulnerabilities affecting aa-team/wzone.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL3HIGH5MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-33548P2HIGHCVSS 7.1Exploited≥ n/a, ≤ 14.0.102024-04-29
CVE-2024-33548 [HIGH] CWE-79 CVE-2024-33548: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10.
nvd
CVE-2024-33544P2CRITICALCVSS 9.3≥ n/a, ≤ 14.0.102024-04-29
CVE-2024-33544 [CRITICAL] CWE-89 CVE-2024-33544: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
nvd
CVE-2024-33546P3CRITICALCVSS 9.6≥ n/a, ≤ 14.0.102024-04-29
CVE-2024-33546 [CRITICAL] CWE-89 CVE-2024-33546: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
nvd
CVE-2026-27040P3HIGHCVSS 8.8≤ 14.0.312026-03-25
CVE-2026-27040 [HIGH] CWE-22 CVE-2026-27040: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-T
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through <= 14.0.31.
nvd
CVE-2026-27039P3HIGHCVSS 8.5≤ 14.0.312026-03-25
CVE-2026-27039 [HIGH] CWE-89 CVE-2026-27039: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through <= 14.0.31.
nvd
CVE-2024-33549P3HIGHCVSS 8.8≥ n/a, ≤ 14.0.102024-05-17
CVE-2024-33549 [HIGH] CWE-269 CVE-2024-33549: Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation.This issue
Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation.This issue affects WZone: from n/a through 14.0.10.
nvd
CVE-2024-33545P3CRITICALCVSS 9.8≤ 14.0.10≥ n/a, ≤ 14.0.102024-06-09
CVE-2024-33545 [CRITICAL] CWE-862 CVE-2024-33545: Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0
Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10.
nvd
CVE-2024-33547P3HIGHCVSS 8.8≤ 14.0.33≥ n/a, ≤ 14.0.102024-06-09
CVE-2024-33547 [HIGH] CWE-862 CVE-2024-33547: Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0
Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10.
nvd
CVE-2026-25473P4MEDIUMCVSS 5.4≤ 14.0.312026-02-19
CVE-2026-25473 [MEDIUM] CWE-862 CVE-2026-25473: Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configure
Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WZone: from n/a through <= 14.0.31.
nvd