QwikSec

Security Database

CVE

CWE

Training

CVE-2024-58307

Published: Dec 11, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view functionality that allows authenticated attackers to manipulate database queries. Attackers can inject malicious SQL code through the view parameter to potentially execute time-based blind SQL injection attacks and extract database information.

Vendor	Product	Versions
cszcms	CSZCMS	affected `1.3.0`

Weaknesses (CWE)

References

ExploitDB-51916

exploit

CSZCMS Homepage

product

CSZCMS Download Page

product

VulnCheck Advisory: CSZCMS 1.3.0 Authenticated SQL Injection via Members View Endpoint

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.