An issue exists in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id parameter value with a trailing comma.
zzcms zzcms 2019