A SQL injection vulnerability in ZI PT Solusi Usaha Mudah Analytic Data Query module (aka izi_data) 11.0 up to and including 17.x prior to 17.0.3 allows a remote malicious user to gain privileges via a query to IZITools::query_check, IZITools::query_fetch, or IZITools::query_execute.