Vulnerabilities

CVE-2025-28100

by Fred · 15/04/2025

A SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a attacker to execute arbitrary code via not filtering the content correctly at the “operateOrder.php” id parameter.

Assigner : cve@mitre.org

More information : https://github.com/gh3-dk/vul/blob/main/sql%20injection/dingfanzu/dingfanzu-CMS%20operateOrder.php%20id%20SQL-inject.md

Similar

Tags: Cybersecurity Alert