Beikeshop · Beikeshop · CVE-2026-11480
**Name of the Vulnerable Software and Affected Versions**
BeikeShop versions prior to 1.6.0.22
**Description**
An issue exists in the Admin Design Builder Endpoint within the file beike/Admin/Routes/admin.php. A remote attacker can perform a manipulation of the `settings.value` argument to execute a SQL injection, which is a technique where malicious SQL statements are inserted into entry fields for execution.
**Recommendations**
Deploy patch 2fa9805411088069fcc3b0c15b2f1f33d6e09958 for versions prior to 1.6.0.22.