ZZCMS is a content management system (CMS) from the Zzcms team in China. ZZCMS is vulnerable to SQL injection, which stems from a missing validation of externally entered SQL statements in the id parameter of admin/dl_sendmail.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.