CVE-2026-3957

Name of the Vulnerable Software and Affected Versions xierongwkhd weimai-wetapp versions up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2

Description A flaw exists in xierongwkhd weimai-wetapp. The issue affects the getLikeMovieList function within the file source-code/src/main/java/com/moke/wp/wx weimai/controller/HomeController.java of the Endpoint component. Manipulation of the cat argument can lead to SQL injection. The attack can be executed remotely. The exploit has been published. The product uses a rolling release model, meaning version information for affected or updated releases is unavailable. The project was notified of the issue but has not responded.

Recommendations Versions up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.