PT-2025-44400 · Csz Cms · Csz Cms
Huu1J
·
Published
2025-10-30
·
Updated
2025-10-30
·
CVE-2025-63608
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
CSZ-CMS versions prior to 1.3.1
Description
A SQL injection issue exists in the Form Builder view functionality. The vulnerability is located in the
field parameter of the form viewing feature, allowing authenticated administrators to execute arbitrary SQL queries.Recommendations
Update CSZ-CMS to a version newer than 1.3.0.
Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Csz Cms