High severity7.2NVD Advisory· Published Apr 29, 2021· Updated Jun 17, 2026
CVE-2021-29350
CVE-2021-29350
Description
SQL injection in the getip function in conn/function.php in 发货100-设计素材下载系统 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- 发货100-设计素材下载系统/发货100-设计素材下载系统description
Patches
Vulnerability mechanics
References
1- github.com/XD-519/Doc/blob/main/sql%20injection.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.