Critical severity9.8NVD Advisory· Published Jun 30, 2019· Updated Jun 17, 2026
CVE-2019-13086
CVE-2019-13086
Description
core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter.
Affected products
2- CSZ/CSZ CMSdescription
Patches
Vulnerability mechanics
References
1- github.com/cskaza/cszcms/issues/19nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.