zhangbuneng/3
GitHub
Releases0
Hangzhou Xiongwei Technology Development Co., Ltd. - The DishTrade/dish_trade_detail_get interface in the Smart Catering Cloud Platform is vulnerable to SQL injection
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 6.3 MEDIUM | 6.5 MEDIUM | ||
A vulnerability was detected in Xiongwei Smart Catering Cloud Platform 2.1.6446.28761. The affected element is an unknown function of the file /dishtrade/dish_trade_detail_get. The manipulation of the argument filter results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. | |||