SQL Injection Vulnerability in zzcms Version 8.3 and Earlier

CVE-2018-1000653 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacked by sql injection in zzcms in nginx. This attack appear to be exploitable via running zzcms in nginx.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.