What is CVE-2025-22976?

A high-severity SQL Injection vulnerability in dingfanzuCMS v.1.0 allows local attackers to execute arbitrary code. Organizations must address this vulnerability promptly to mitigate risks.

What is the severity of CVE-2025-22976?

CVE-2025-22976 has a severity rating of HIGH with a CVSS base score of 7.1.

CVE-2025-22976 | High Vulnerability in dingfanzuCMS

CVE-2025-22976 is a high-severity SQL Injection vulnerability affecting dingfanzuCMS version 1.0. This vulnerability allows local attackers to execute arbitrary code due to the lack of proper content filtering in the "checkOrder.php" shopId module. The base score of this vulnerability is 7.1, indicating a significant risk for organizations utilizing this software.

The SQL Injection vulnerability poses serious risks as attackers may leverage this flaw to manipulate database queries. Consequently, unauthorized access to sensitive data and potential system compromise may result. Organizations using dingfanzuCMS should prioritize remediation efforts, especially since this vulnerability has been assigned a high severity level.

As of now, there is no known exploit available for this vulnerability, and it has not been included in the Known Exploited Vulnerabilities (KEV) catalog. However, organizations should remain vigilant and act swiftly to mitigate this risk. Urgency for defenders is classified as high, necessitating immediate attention.

Organizations should prioritize patching immediately to protect against potential exploitation of this vulnerability.

Vulnerability Details

CVE-2025-22976 is classified as a SQL Injection vulnerability in dingfanzuCMS v.1.0. The official description states that it allows a local attacker to execute arbitrary code via improper content filtering in the "checkOrder.php" module. The CVSS score is 7.1, placing it in the high-severity category, indicating that it can significantly impact confidentiality and integrity.

This vulnerability falls under the CWE-89 classification, which pertains to SQL Injection vulnerabilities. It was published on January 15, 2025, and remains in a deferred status, indicating that further evaluation or action may be pending.

Technical Analysis

The root cause of this vulnerability is the inadequate filtering of input parameters in the "checkOrder.php" file. Attackers can exploit this flaw through a local attack vector, as the attack complexity is classified as low. Only low privileges are required for an attacker to exploit this vulnerability, and no user interaction is necessary.

The attack's impact is primarily on confidentiality and integrity, as successful exploitation could allow attackers to access or manipulate sensitive data. However, the availability impact remains unaffected, meaning that the system's operational capacity would not be compromised.

Risk & Impact Analysis

Organizations that deploy dingfanzuCMS v.1.0 should be aware of the potential risks associated with this vulnerability. Given the ability of local attackers to execute arbitrary code, the blast radius could extend to sensitive data exposure and system integrity compromise. Effective risk management should include immediate remediation to mitigate these risks.

Considering the CVSS score of 7.1, organizations should address this vulnerability in their patch cycle. The urgency for remediation is high, and organizations must ensure that proper measures are taken to protect their systems and data.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected version is dingfanzuCMS v.1.0. Organizations should note that all versions prior to the vendor patch are at risk.

Mitigation & Remediation

Organizations should prioritize patching immediately. It is crucial to apply available updates to dingfanzuCMS to mitigate this vulnerability. If a patch is unavailable, consider implementing workarounds such as input validation and content filtering improvements to secure the application.

Detection Guidance

Monitoring for unusual SQL queries and behavioral anomalies in the application's logs can help detect potential exploitation attempts. Additionally, reviewing network signatures related to the "checkOrder.php" module may reveal signs of intrusion.

AppSecure Threat Intelligence Insight

CVE-2025-22976 highlights the ongoing risk of SQL Injection vulnerabilities in web applications. Security teams should remain vigilant in identifying and remediating similar vulnerabilities. For a comprehensive approach, organizations can refer to our API penetration testing guide to enhance their security posture. Furthermore, understanding common attack patterns through resources such as our injection attacks analysis can provide valuable insights for preventing future exploits. Finally, organizations are encouraged to engage in regular penetration testing to assess their defenses against such vulnerabilities.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-22976: High Vulnerability in dingfanzuCMS