Súbít #683659: liketea 1.0.0 SQL Injectionbayani

Kuraliketea 1.0.0 SQL Injection
GaskiyaLiketea is an open-source Multi-store tea beverage mini program (chain store version) A critical SQL injection vulnerability exists in the store listing API endpoint that allows unauthenticated attackers to execute arbitrary SQL commands. User-supplied latitude and longitude parameters are directly concatenated into a raw SQL query without sanitization or parameterization.
Manga⚠️ https://github.com/ictrun/liketea-sql-injection/blob/main/README.md
Màdùmga
 ictrun (UID 83482)
Furta10/28/2025 00:03 (4 Wurɗi 전)
Gargajiya11/13/2025 13:05 (17 days later)
HalittaShingilam
VulDB gite332349 [cameasy Liketea 1.0.0 API Endpoint StoreController.php list lng/lat SQL Injection]
Nganji18

GurɗoGumtiGada

Do you want to use VulDB in your project?

Use the official API to access entries easily!