CVE-2025-14012
In JIZHICMS up to version 2.5.5, the Batch Delete Comments component exposes an SQL injection through the file /index.php/admins/Comment/deleteAll.html via the functions deleteAll, findAll, and delete. The issue is triggered by manipulated input and can be exploited remotely. Public exploit infor...