6 matches found
CVE-2025-1544
A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulation of the argument shopId leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1544
creationtimestamp| type| source ---|---|--- 2025-02-21 16:18:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4909 2025-02-21 19:46:57+00:00| seen| https://t.me/cvedetector/18682 2025-02-21 19:47:16+00:00| seen|...
CVE-2025-1544
A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulation of the argument shopId leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1544 dingfanzu CMS loadShopInfo.php sql injection
A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulation of the argument shopId leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1544
CVE-2025-1544 describes a remote SQL injection in dingfanzu CMS. The vulnerability affects the function handling /ajax/loadShopInfo.php and is triggered by manipulating the shopId parameter, potentially allowing an attacker to execute arbitrary SQL commands on the database. Multiple sources confi...
CVE-2025-1544 dingfanzu CMS loadShopInfo.php sql injection
A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulation of the argument shopId leads to sql injection. It is possible to launch the attack remotely. The exploit has been...