Share:

CVE-2020-19960 - Zzcms Zzcms

October 14, 2021

Critical 7.5

A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page cookie.

Affected software

Zzcms Zzcms

Reference links

https://github.com/zhuxianjin/vuln_repo/blob/master/zzcms2019%20SQL%20injection%20vulnerability%20in%20dl_sendsms.php.md

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.