4 matches found
CVE-2025-22976
SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the "checkOrder.php" shopId module...
CVE-2025-22976
creationtimestamp| type| source ---|---|--- 2025-01-15 22:47:43+00:00| seen| https://infosec.exchange/users/cve/statuses/113834804072412874 2025-01-15 22:55:10+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1883 2025-01-15 23:16:03+00:00| seen|...
CVE-2025-22976
CVE-2025-22976 affects dingfanzuCMS v1.0. The vulnerability is a SQL injection in the checkOrder.php shopId module caused by improper input validation, allowing a local attacker to execute arbitrary code. According to the sources, exploitation is local with low complexity and high confidentiality...
CVE-2025-22976
SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the "checkOrder.php" shopId module...