SQL Injection Vulnerability in CSZ-CMS Web Application by Huu1j
CVE-2025-63608
Currently unrated
What is CVE-2025-63608?
A SQL injection flaw exists in the Form Builder view of CSZ-CMS up to version 1.3.0. This vulnerability occurs in the field parameter, allowing authenticated administrators to run arbitrary SQL queries against the database. Such exploitation can lead to unauthorized access to sensitive data or manipulation of database contents, posing serious security risks for affected web applications.