CVE-2019-12348
CVE-2019-12348 : zzcms 2019 contains an SQL injection in the web path user/ztconfig.php reachable via the POST parameters set as daohang or img. The issue allows injected SQL through these fields, as reported across multiple feeds, indicating a high-severity vulnerability that could impact confid...