lingchuL

1 exploit Active since Jun 2019
CVE-2019-13086 NOMISEC CRITICAL WORKING POC
CSZ CMS < 1.2.2 - SQL Injection via HTTP User-Agent Header
core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter.
CVSS 9.8