cve/2018/CVE-2018-14961.md

CVE-2018-14961

Description

dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter.

POC

Reference

• https://blog.csdn.net/weixin_42813492/article/details/81240523
• https://blog.csdn.net/weixin_42813492/article/details/81240523
• https://github.com/AvaterXXX/ZZCMS/blob/master/README.md
• https://github.com/AvaterXXX/ZZCMS/blob/master/README.md

Github

• https://github.com/5huai/POC-Test
• https://github.com/SexyBeast233/SecBooks
• https://github.com/TesterCC/exp_poc_library