| Title | geeeeeeeek dingfanzu master SQL Injection |
|---|
| Description | dingfanzu-CMS loadShopInfo.php shopId SQL inject
THis is a food delivery website based on php, including front end and back end
dingfanzu MS does not filter the content correctly at the "loadShopInfo.php" shopId parameter, resulting in the generation of SQL injection.
For details, please see the github document:
https://github.com/XinCaoZ/cve/blob/main/dingfanzu/dingfanzu-CMS%20loadShopInfo.php%20shopId%20SQL%20inject.md
|
|---|
| Source | ⚠️ https://github.com/XinCaoZ/cve/blob/main/dingfanzu/dingfanzu-CMS%20loadShopInfo.php%20shopId%20SQL%20inject.md |
|---|
| User | Xinca0 (UID 43189) |
|---|
| Submission | 02/10/2025 07:30 AM (1 Year ago) |
|---|
| Moderation | 02/21/2025 10:53 AM (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 296490 [dingfanzu CMS up to 20250210 /ajax/loadShopInfo.php shopId sql injection] |
|---|
| Points | 20 |
|---|