CNNVD-202601-1789 Information

Jan 11, 2026 cve

CNNVD ID

CNNVD-202601-1789

CVE-2026-0843

CNNVD Published: 2026-01-11

Description (Chinese)

jiujiujia jjjshop_food_php是中国玖玖珈（jiujiujia）公司的一个餐饮连锁点餐软件。 jiujiujia jjjshop_food_php 20260103及之前版本存在SQL注入漏洞，该漏洞源于对文件/index.php/api/product.category/index中参数latitude的错误操作，可能导致SQL注入攻击。

Description (English)

jiujiujia jjshop food php is a catering chain for the Chinese company Jiujiujia. jiujiujia jjshop food php 20260103 and previous versions had an injection loophole in SQL, which stemmed from an error in the latitude parameter in document/index.php/api/project.category/index, which could lead to an attack on SQL.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

玖玖珈

Published

2026-01-11

Last Modified

2026-02-24

References

http://101.200.76.102:38765/qwertyuiop/qwsdfvbnm/1/vuldb/JJJshop/EnglishVers%E4%B8%89%E5%8B%BE%E7%82%B9%E9%A4%90%E7%B3%BB%E7%BB%9FPHP%E7%89%88%E5%AD%98%E5%9C%A8product.category.indexSQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.pdf https://vuldb.com/?id.340443 https://vuldb.com/?ctiid.340443 https://vuldb.com/?submit.731001 https://access.redhat.com/security/cve/cve-2026-0843

Share on: