CVE-2025/CVE-2025-229xx/CVE-2025-22976.json

{
  "id": "CVE-2025-22976",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2025-01-15T23:15:10.783",
  "lastModified": "2025-01-15T23:15:10.783",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the \"checkOrder.php\" shopId module."
    },
    {
      "lang": "es",
      "value": " La vulnerabilidad de inyecci\u00f3n SQL en dingfanzuCMS v.1.0 permite a un atacante local ejecutar c\u00f3digo arbitrario al no filtrar correctamente el contenido en el m\u00f3dulo shopId \"checkOrder.php\"."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/xiaosguang/cve/blob/main/dingfanzu/dingfanzu-CMS%20checkOrder.php%20shopId%20SQL-inject.md",
      "source": "cve@mitre.org"
    }
  ]
}