VYPR
Critical severity9.8NVD Advisory· Published Jun 30, 2019· Updated Jun 17, 2026

CVE-2019-13086

CVE-2019-13086

Description

core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.