ZZCMS is a content management system (CMS) from the ZZCMS team in China.ZZCMS version 2022 is vulnerable to SQL injection, which originates from /admin/sendmailto.php?tomail=&groupid=Lack of validation of external input SQL statements. An attacker could use the vulnerability to execute illegal SQL commands to steal sensitive database data.