← Back to CVE List

CVE-2019-13086

Published: 2019-06-30T17:15Z
Last Modified: 2024-11-21T04:24Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt