CVE-2025-22957

Name of the Vulnerable Software and Affected Versions ZZCMS versions <= 2023

Description A SQL injection issue exists in the front-end of the website, which can be exploited without any authentication. This could potentially allow attackers to gain unauthorized access to the database and extract sensitive information.

Recommendations For ZZCMS versions <= 2023, consider restricting access to the front-end of the website until a patch is available. As a temporary workaround, review and modify the SQL queries to prevent injection attacks. At the moment, there is no information about a newer version that contains a fix for this issue.