CNNVD-202509-1762 Information

CNNVD ID

CNNVD-202509-1762

Related CVE

CVE-2025-10287

• CNNVD Published: 2025-09-12

Description (Chinese)

roncoo-pay（龙果支付系统）是领课网络（RonCoo）开源的一个互联网支付系统。 roncoo-pay存在安全漏洞，该漏洞源于对文件/auth/orderQuery中参数orderNo的错误操作，可能导致直接请求攻击。

Description (English)

Roncoo-pay (Rongo Payment System) is an Internet payment system that is an open source for the RonCoo network. There is a security loophole in the roncoo-pay, which stems from the erroneous operation of the parameter orderno in the document/auth/orderQuery, which could lead to a direct request for an attack.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Rotem Dynamics

Published

2025-09-12

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.323649 https://vuldb.com/?id.323649 https://vuldb.com/?submit.643387 https://www.cnblogs.com/aibot/p/19063496 https://access.redhat.com/security/cve/cve-2025-10287