Geeeeeeeek Dingfanzu
3 CVEs affecting Geeeeeeeek Dingfanzu. Latest disclosed: 2025-09-08. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-28100 | Critical | 9.8 | 2025-04-15 | A SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a attacker to execute arbitrary code via not filtering the content correctly at the "operateOrder.ph… |
CVE-2024-8302 | Medium | 6.3 | 2024-08-29 | A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been rated as critical. Affected by this issue is some unknow… |
CVE-2024-48341 | Low | 3.7 | 2025-09-08 | dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addShop |