CVE-2021-42945: SQL Injection
First published: Wed Dec 15 2021(Updated: )
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask.php.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zzcms Zzcms | =2021 | |
| =2021 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2021-42945.
What is the severity of CVE-2021-42945?
The severity of CVE-2021-42945 is critical with a CVSS score of 9.8.
How does the SQL Injection vulnerability in ZZCMS 2021 work?
The SQL Injection vulnerability in ZZCMS 2021 occurs via the askbigclassid parameter in /admin/ask.php.
What software is affected by CVE-2021-42945?
The affected software is ZZCMS 2021.
How can I fix the SQL Injection vulnerability in ZZCMS 2021?
To fix the SQL Injection vulnerability in ZZCMS 2021, it is recommended to apply the latest security patches or updates provided by ZZCMS.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/first-publish-date
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/tags
- agent/softwarecombine
- agent/event
- vendor/zzcms
- canonical/zzcms zzcms
- version/zzcms zzcms/2021