Vulnerabilities > Shipment 100 Design Material Download System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-29350 | SQL Injection vulnerability in Shipment 100-Design Material Download System Project Shipment 100-Design Material Download System 1.1 SQL injection in the getip function in conn/function.php in ??100-???????? 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php. | 7.2 |