2 matches found
CVE-2019-12356
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dlsdownload.php when the attacker has dlsdownload authority via the id parameter...
CVE-2019-12356
CVE-2019-12356 affects zzcms 2019 and is a SQL injection in /user/dls_download.php via the id parameter when the attacker has dls_download authority. The NVD entry documents a vulnerability class that allows partial/high impacts to confidentiality, integrity, and availability (CVSSv3.1 base score...