CNNVD-202508-3063 Information

CNNVD ID

CNNVD-202508-3063

Related CVE

CVE-2025-50971

• CNNVD Published: 2025-08-26

Description (Chinese)

AbanteCart是AbanteCart开源的一个电子商务平台。 AbanteCart 1.4.2版本存在安全漏洞，该漏洞源于index.php中模板参数存在目录遍历，可能导致访问敏感系统文件。

Description (English)

AbanteCart is an open-source e-commerce platform for AbanteCart. The security gap in version 1.4.2 of AbanteCart stems from the existence of directory history of template parameters in index.php, which may lead to access to sensitive system files.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

AbanteCart

Published

2025-08-26

Last Modified

2026-02-24

References

https://github.com/4rdr/proofs/blob/main/info/abantecart_file_traversal_1.4.2_via_template_parameter.md https://nvd.nist.gov/vuln/detail/CVE-2025-50971