CNNVD-202507-939 Information

CNNVD ID

CNNVD-202507-939

Related CVE

CVE-2025-7175

• CNNVD Published: 2025-07-08

Description (Chinese)

Code-Projects E-Commerce Site是Code-Projects开源的一个电子商务网站。 code-projects E-Commerce Site 1.0版本存在代码问题漏洞，该漏洞源于文件/admin/users_photo.php中参数photo操作不当，可能导致任意文件上传。

Description (English)

Code-Projects E-Commerce Site is an open-source e-commerce website for Code-Projects. There is a code problem loophole in version 1.0 of code-project E-Commerce Site, which stems from the inappropriate operation of the parameter photo in file/admin/user photo.php, which may lead to any upload of the document.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Code-Projects

Published

2025-07-08

Last Modified

2026-02-24

References

https://code-projects.org/ https://github.com/kn1g78/cve/blob/main/ecom.md https://vuldb.com/?ctiid.315114 https://vuldb.com/?id.315114 https://vuldb.com/?submit.606710