Vulnerabilities > Cskaza > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-09 | CVE-2023-34545 | SQL Injection vulnerability in Cskaza Cszcms 1.3.0 A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via p parameter or the search URL. | 9.8 |
| 2022-01-27 | CVE-2021-46377 | SQL Injection vulnerability in Cskaza Cszcms 1.2.9 There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser | 9.8 |