There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser
9.8CVSS
9.4AI Score
0.002EPSS
A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via p parameter or the search URL.
9.8CVSS
9.7AI Score
0.001EPSS