CNNVD-202508-777 Information

CNNVD ID

CNNVD-202508-777

Related CVE

CVE-2012-10044

• CNNVD Published: 2025-08-08

Description (Chinese)

MobileCartly是MobileCartly公司的一个移动电子商务购物车系统。 MobileCartly 1.0版本存在安全漏洞，该漏洞源于savepage.php脚本未进行身份验证或授权检查，可能导致任意文件创建和远程代码执行。

Description (English)

MobileCartly is a mobile e-commerce shopping car system of MobileCartly. MobileCartly Version 1.0 contains a security loophole, which stems from the fact that a savepage.php script does not perform authentication or authorization checks, which may lead to any creation of files and remote code execution.

Hazard Level

High

Vulnerability Type

其他

Published

2025-08-08

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/ http://mobilecartly.com/ https://web.archive.org/web/20120919081957/ https://www.exploit-db.com/exploits/20422 https://www.exploit-db.com/exploits/21079 https://www.vulncheck.com/advisories/mobilecartly-arbitrary-file-creation https://access.redhat.com/security/cve/cve-2012-10044