CVE-2019-12357: SQL Injection
First published: Fri Jun 17 2022(Updated: )
An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zzcms Zzcms | =2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this zzcms issue?
The vulnerability ID for this zzcms issue is CVE-2019-12357.
What is the affected software?
The affected software is Zzcms 2019.
What is the severity rating of this vulnerability?
This vulnerability has a severity rating of 7.2 (high).
How does this vulnerability occur?
This vulnerability occurs due to a SQL injection vulnerability in the /admin/deluser.php file, specifically when the attacker has admin authority and uses the id parameter.
Is there a fix available for this vulnerability?
It is recommended to apply the latest patch or update from the vendor to fix this SQL injection vulnerability in zzcms 2019.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/zzcms
- canonical/zzcms zzcms
- version/zzcms zzcms/2019