CVE-2018-17415

HIGH

zzcms V8.3 - SQL Injection

Title source: llm

zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter.

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

CVSS v3 8.8

EPSS 0.0024

EPSS Percentile 47.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-89

Status published

Products (1)

zzcms/zzcms 8.3

Published Mar 07, 2019

Tracked Since Feb 18, 2026