2 matches found
CVE-2018-18792
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zslist.php via a pxzs cookie...
CVE-2018-18792
The CVE-2018-18792 issue affects ZZCMS v8.3, with a SQL Injection in zs/zs_list.php exploitable via the pxzs cookie. The root cause is improper handling of input in that endpoint, enabling an attacker to read data from the MySQL user context. Public references in the connected records confirm the...