ZZCMS SQL Injection Vulnerability (CNVD-2021-99769)

zzcms is a multifunctional cms system that integrates front-end pages, custom templates, payments, etc., using a b/s structure of php mysql. The mvc model is used to facilitate quick system build. zzcms has a SQL vulnerability in versions 8.2 and 8.3, which is related to the affected version not filtering user input properly. A SQL injection vulnerability exists in dl/dl_print.php when registering a normal user. An attacker could exploit the vulnerability to execute malicious scripts.