A SQL injection vulnerability has been discovered in zz...
High severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
Oct 14, 2021
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Jan 30, 2023
A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie.
References