PT-2025-34148 · Old Peanut · Open-Shop

Name of the Vulnerable Software and Affected Versions: old-peanut Open-Shop versions through 1.0.0 Description: A Cross Site Request Forgery CSRF issue exists in old-peanut Open-Shop, allowing attackers to obtain sensitive information via a crafted HTTP Post message. Recommendations: At the momen...

CVE-2025-50902

Cross Site Request Forgery CSRF vulnerability in old-peanut Open-Shop aka old-peanut/wechatappletopensource thru 1.0.0 allows attackers to gain sensitive information via crafted HTTP Post message...

wx-shop 安全漏洞

wx-shop is a WeChat applet simple mall by the individual developer Feng Zhihui 495300897. A security vulnerability exists in wx-shop, which stems from vulnerability to cross-site request forgery attacks...

CVE-2022-45564

SQL Injection vulnerability in znfit Home improvement ERP management system V5020220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet...

Unauthorized Access Vulnerability in Beijing Lixin Niannian Catering Management Company Limited's Lixin eShop WeChat Apps

Beijing Lixin Niannian Catering Management Co. An unauthorized access vulnerability exists in the Beijing Lixin Niannian Catering Management Co. Lixin Eshop WeChat applet, which can be exploited by attackers to obtain sensitive information...

CVE-2022-45564

SQL Injection vulnerability in znfit Home improvement ERP management system V5020220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet...

Sql injection

SQL Injection vulnerability in znfit Home improvement ERP management system V5020220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet...

znfit Home improvement ERP management system SQL注入漏洞

znfit Home improvement ERP management system is a home ERP management system from znfit Shanghai, China. A security vulnerability exists in znfit Home improvement ERP management system version V5020220207, v42. An attacker exploited the vulnerability to execute arbitrary sql commands via the...

CVE-2022-45564

SQL Injection vulnerability in znfit Home improvement ERP management system V5020220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet...

CVE-2022-45564

SQL Injection vulnerability in znfit Home improvement ERP management system V5020220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet...

File Upload Vulnerability in LaiKe Full Scene E-commerce System

LaiKe full-scene e-commerce system is a WeChat applet e-commerce platform front and back end open source PHP , including distribution , group , lottery , red packets , nine-grid game and other functions , the entire system architecture is very simple , suitable for small teams or individual...