zzcms is a multifunctional cms system that integrates front-end pages, custom templates, payments, etc., using a b/s structure of php mysql. The mvc model is used to facilitate quick system build. zzcms has a SQL vulnerability in versions 8.2 and 8.3, which is related to the affected version not filtering user input properly. A SQL injection vulnerability exists in dl/dl_print.php when registering a normal user. An attacker could exploit the vulnerability to execute malicious scripts.
CPE | Name | Operator | Version |
---|---|---|---|
zzcms zzcms | eq | 8.3 | |
zzcms zzcms | eq | 8.2 |