jizhicms 2.5.6 is vulnerable to SQL Injection in Article/deleteAll and Extmolds/deleteAll via the data parameter.Referenceshttp://jizhicms.comhttps://www.23882.me/index.php/2026/02/15/jizhicms-%e5%90%8e%e5%8f%b0%e5%ad%98%e5%9c%a8sql%e6%b3%a8%e5%85%a5/