zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header.
zzcms zzcms 8.3