Lucene search
China National Vulnerability DatabaseCNVD-2022-88241HistorySep 28, 2022 - 12:00 a.m.
ZZCMS sendmailto.php SQL Injection Vulnerability
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
zzcms
sql injection
sendmailto.php
validation
china
database theft
cnvd
0.001 Low
EPSS
Percentile
37.7%
ZZCMS is a content management system (CMS) from the ZZCMS team in China.ZZCMS version 2022 is vulnerable to SQL injection, which originates from /admin/sendmailto.php?tomail=&groupid=Lack of validation of external input SQL statements. An attacker could use the vulnerability to execute illegal SQL commands to steal sensitive database data.
Related
cve
cve
CVE-2022-40446
2022-09-22 14:15:09
cvelist
cvelist
CVE-2022-40446
2022-09-22 13:32:36
nvd
nvd
CVE-2022-40446
2022-09-22 14:15:09
prion
prion
Sql injection
2022-09-22 14:15:00