PT-2025-36498

Name of the Vulnerable Software and Affected Versions: dingfanzu CMS version 1.0 Description: The application suffers from a Cross-Site Request Forgery CSRF issue. This occurs through the /admin/doAdminAction.php?act=addShop component. Recommendations: Apply appropriate CSRF protection mechanisms...

dingfanzu 注入漏洞

dingfanzu is a php based takeaway ordering website by gk2007 individual developer. An injection vulnerability exists in dingfanzu 20250210 and earlier versions, which is caused by a SQL injection in the parameter shopId...

dingfanzu 安全漏洞

dingfanzu is a php based takeaway ordering website. A SQL injection vulnerability exists in dingfanzu v1.0, which stems from the application's lack of validation of externally entered SQL statements. A local attacker can exploit this vulnerability to execute arbitrary code via the contents of the...

dingfanzu 安全漏洞

dingfanzu is a php based takeaway ordering website by gk2007 individual developer. A security vulnerability exists in dingfanzu version V1.0, which originates from the /admin/doAdminAction.php?act=addAdmin component that contains a cross-site request forgery vulnerability...

PT-2024-33202 · Unknown · Dingfanzu Cms

Name of the Vulnerable Software and Affected Versions: dingfanzu CMS version 1.0 Description: The issue is a Cross-Site Request Forgery CSRF that allows a remote attacker to execute arbitrary code via the addPro parameter of the doAdminAction.php component. This enables unauthorized actions...