VYPR
High severity7.2NVD Advisory· Published Apr 29, 2021· Updated Jun 17, 2026

CVE-2021-29350

CVE-2021-29350

Description

SQL injection in the getip function in conn/function.php in 发货100-设计素材下载系统 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • 发货100-设计素材下载系统/发货100-设计素材下载系统description

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.