CNNVD-202507-1173 Information
CNNVD ID
CNNVD-202507-1173
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
itsourcecode Agri-Trading Online Shopping System是itsourcecode开源的一个在线购物系统。 itsourcecode Agri-Trading Online Shopping System 1.0及之前版本存在注入漏洞,该漏洞源于文件/admin/suppliercontroller.php中参数supplier操作不当,可能导致SQL注入攻击。
Description (English)
ItsourcecodeAgri-TranstingOnlineSHoppingSystem is an online shopping system open to accesscode. Its sourcecodeAgri-TrackingOnlineSHopping System 1.0 and previous versions had an injection loophole, which stemmed from the inappropriate operation of the supplier in the document/admin/suppliercontroller.php, which could lead to an SQL injection attack.
Hazard Level
Medium
Vulnerability Type
注入
Affected Vendor
itsourcecode
Published
2025-07-08
Last Modified
2026-02-24
References
https://vuldb.com/?submit.607303 https://vuldb.com/?id.315132 https://vuldb.com/?ctiid.315132 https://github.com/Sp1d3rL1/CVE/issues/7 https://itsourcecode.com/ https://access.redhat.com/security/cve/cve-2025-7193
Patch
https://itsourcecode.com/free-projects/php-project/php-project-online-shopping-with-source-code/
Share on: