CNNVD-202506-3178 Information
CNNVD ID
CNNVD-202506-3178
Related CVE
- CNNVD Published: 2025-06-25
Description (Chinese)
Code-Projects Inventory Management System是Code-Projects开源的一个库存管理系统。 Code-Projects Inventory Management System 1.0版本存在注入漏洞,该漏洞源于文件/php_action/createBrand.php对参数brandStatus处理不当,可能导致SQL注入攻击。
Description (English)
Code-Projects Industry Systems is a stock management system for the open source of Code-Projects. There is an injection loophole in version 1.0 of Code-Projects Inventory Management System, which stems from the inappropriate handling of the parameter BrandStatus in the document/php action/treatbrand.php, which could lead to an SQL injection attack.
Hazard Level
Medium
Vulnerability Type
注入
Affected Vendor
Code-Projects
Published
2025-06-25
Last Modified
2026-02-24
References
https://vuldb.com/?id.313828 https://code-projects.org/ https://vuldb.com/?ctiid.313828 https://vuldb.com/?submit.601976 https://github.com/Lwlej/cve/issues/2 https://nvd.nist.gov/vuln/detail/CVE-2025-6611
Share on: