CNNVD-202508-3230 Information

CNNVD ID

CNNVD-202508-3230

Related CVE

CVE-2025-50972

• CNNVD Published: 2025-08-27

Description (Chinese)

AbanteCart是AbanteCart开源的一个电子商务平台。 AbanteCart 1.4.2版本存在安全漏洞，该漏洞源于index.php中tmpl_id参数未经验证，可能导致SQL注入攻击。

Description (English)

AbanteCart is an open-source e-commerce platform for AbanteCart. Version 1.4.2 of AbanteCart has a security loophole, which originates from unverified tmpl id parameters in index.php, which may result in an injection of SQL into the attack.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

AbanteCart

Published

2025-08-27

Last Modified

2026-02-24

References

https://github.com/4rdr/proofs/blob/main/info/abantecart_sql_injection_1.4.2_via_template_parameter.md https://nvd.nist.gov/vuln/detail/CVE-2025-50972