CNNVD-202506-2034 Information

CNNVD ID

CNNVD-202506-2034

Related CVE

CVE-2025-6173

• CNNVD Published: 2025-06-17

Description (Chinese)

Webkul QloApps是Webkul公司的一个酒店预定管理软件。 Webkul QloApps 1.6.1版本存在注入漏洞，该漏洞源于对文件/admin/ajax_products_list.php中参数packItself的错误操作导致SQL注入。

Description (English)

Webkul QloApps is a hotel reservation management software for Webkul. Webkul QloApps Version 1.6.1 has an injection loophole, which results from an error in the parameter packItself in the document/admin/ajax products list.php.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

Webkul

Published

2025-06-17

Last Modified

2026-02-24

References

https://github.com/caigo8/CVE-md/blob/main/QloApps/SQL_Injection.md#vulnerability-recurrence https://vuldb.com/?submit.593679 https://vuldb.com/?ctiid.312661 https://vuldb.com/?id.312661 https://nvd.nist.gov/vuln/detail/CVE-2025-6173 https://access.redhat.com/security/cve/cve-2025-6173