1.0.9

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-30	CVE-2019-13086	SQL Injection vulnerability in Cszcms CSZ CMS core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter. network low complexity cszcms CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.