Critical severity9.8NVD Advisory· Published Feb 21, 2023· Updated Jun 17, 2026
CVE-2022-45564
CVE-2022-45564
Description
SQL Injection vulnerability in znfit Home improvement ERP management system V50_20220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet.
Affected products
3- znfit/Home improvement ERP management systemdescription
- Shanghai Zhuangmeng Information Technology Co., Ltd./znfit Home improvement ERP management systemllm-createRange: V50_20220207,v42
- Range: V50_20220207,v42
Patches
Vulnerability mechanics
References
1- github.com/catwj/exp/blob/main/Injected%20by%20Shanghai%20Zhuangmeng%20Information%20Technology%20Co.%2C%20Ltd.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.