SQL Injection Vulnerability in ZZCMS System zssave.php File
ZZCMS is an enterprise website builder. ZZCMS System v7.1 suffers from a SQL injection vulnerability due to the failure of the zssave.php file in the /user/ directory to properly handle the $ypid variable, which allows remote attackers to exploit the vulnerability by submitting specially crafted...