CVE-2025-22976
Published: 15 January 2025
Description
A SQL injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code because the content of the shopId parameter in "checkOrder.php" is not filtered correctly.
Security Summary
CVE-2025-22976 is a SQL injection vulnerability (CWE-89) in dingfanzuCMS version 1.0, specifically affecting the shopId parameter in the checkOrder.php module due to inadequate input filtering. This flaw enables a local attacker with low privileges to inject malicious SQL payloads, potentially leading to arbitrary code execution. The vulnerability received a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N), indicating high confidentiality and integrity impacts without affecting availability.
A local attacker who has obtained low-privilege access to the system can exploit this vulnerability by crafting and submitting a malicious shopId value to the checkOrder.php endpoint. Successful exploitation allows the attacker to execute arbitrary SQL queries, which could result in data exfiltration, modification of database contents, or escalation to arbitrary code execution on the underlying server.
For mitigation details, refer to the advisory at https://github.com/xiaosguang/cve/blob/main/dingfanzu/dingfanzu-CMS%20checkOrder.php%20shopId%20SQL-inject.md, published alongside the CVE on 2025-01-15.
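One way to look for exploitation attempts against this endpoint in web server logs, as an added example that is not part of the advisory or the dingfanzuCMS code base. It assumes combined-format access logs, that shopId arrives in the query string, and that legitimate shopId values are plain integers; the log lines and the function name are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumptions (not from the advisory): combined-format access logs, shopId sent
# in the query string, and legitimate shopId values are plain decimal integers.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
VALID_SHOP_ID = re.compile(r"\d{1,10}")


def suspicious_shopid_requests(lines):
    """Return (client_ip, decoded_shopId, status) for every request to
    checkOrder.php whose shopId value is not a plain integer."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parsable request line
        url = urlsplit(m.group("target"))
        if not url.path.lower().endswith("/checkorder.php"):
            continue
        # parse_qs percent-decodes values and keeps repeated parameters.
        params = parse_qs(url.query, keep_blank_values=True)
        for key, values in params.items():
            # Treat PHP array syntax (shopId[]=...) as the same parameter.
            if key.split("[", 1)[0] != "shopId":
                continue
            for value in values:
                if not VALID_SHOP_ID.fullmatch(value):
                    hits.append((m.group("ip"), value, int(m.group("status"))))
    return hits


# Constructed sample log lines, using documentation IP ranges.
SAMPLE_LOG = [
    '198.51.100.7 - - [15/Jan/2025:10:01:02 +0000] "GET /checkOrder.php?shopId=12 HTTP/1.1" 200 512',
    '203.0.113.9 - - [15/Jan/2025:10:02:10 +0000] "GET /checkOrder.php?shopId=12%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 4096',
    '203.0.113.9 - - [15/Jan/2025:10:02:11 +0000] "GET /checkOrder.php?shopId=3&shopId=3%20--%20 HTTP/1.1" 500 0',
    '198.51.100.7 - - [15/Jan/2025:10:03:00 +0000] "GET /index.php?shopId=abc HTTP/1.1" 200 300',
    '198.51.100.7 - - [15/Jan/2025:10:04:00 +0000] "POST /checkOrder.php HTTP/1.1" 200 128',
]

if __name__ == "__main__":
    for ip, value, status in suspicious_shopid_requests(SAMPLE_LOG):
        print(f"{ip} status={status} shopId={value!r}")
```

Access logs do not record POST bodies, so the last sample line is not flagged; covering that case needs request-body logging at the application or a WAF.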
Details
- CWE(s)