CNNVD-202508-2936 Information

CNNVD ID

CNNVD-202508-2936

Related CVE

CVE-2025-50722

• CNNVD Published: 2025-08-25

Description (Chinese)

SparkShop是中国SparkShop开源的一个商城系统。 SparkShop 1.1.7版本存在安全漏洞，该漏洞源于Common.php组件权限设置不当，可能导致任意代码执行。

Description (English)

SparkShop is a commercial city system that is open to SparkShop in China. There is a security loophole in SparkShop 1.1.7, which stems from the inappropriate configuration of the Common.php component, which could lead to any code execution.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

SparkShop

Published

2025-08-25

Last Modified

2026-02-24

References

https://github.com/147536951/Qiany1/blob/main/SparkShop.pdf https://nvd.nist.gov/vuln/detail/CVE-2025-50722

Patch

https://gitee.com/sparkshop/sparkshop/releases