CNNVD-202512-3001 Information

CNNVD ID

CNNVD-202512-3001

Related CVE

CVE-2025-14780

• CNNVD Published: 2025-12-16

Description (Chinese)

Sovell Smart Catering Cloud Platform是中国雄伟（Sovell）公司的一个餐饮云平台。 Sovell Smart Catering Cloud Platform 2.1.6446.28761版本存在SQL注入漏洞，该漏洞源于文件/dishtrade/dish_trade_detail_get中参数filter的错误操作，可能导致SQL注入。

Description (English)

Sovell SmartCatering Cloud Platform is a restaurant cloud platform for Sovell. Sovell SmartCatering Cloud Platform 2.1.64446.28761 has an injection loophole in SQL, which stems from the error of the parameter filter in document/dishtrade/dish trade detail get, which may lead to SQL injection.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

雄伟

Published

2025-12-16

Last Modified

2026-02-24

References

https://github.com/zhangbuneng/3/issues/1 https://vuldb.com/?ctiid.336607 https://vuldb.com/?id.336607 https://vuldb.com/?submit.674051