Vulnerability CVE-2022-45564
Published: 2023-02-21

Description:
SQL Injection vulnerability in znfit Home improvement ERP management system V50_20220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet.

 References:
https://github.com/catwj/exp/blob/main/Injected%20by%20Shanghai%20Zhuangmeng%20Information%20Technology%20Co.%2C%20Ltd.md
Copyright 2026, cxsecurity.com

 

Back to Top