CNNVD-202509-330 Information

CNNVD ID

CNNVD-202509-330

Related CVE

CVE-2025-57148

• CNNVD Published: 2025-09-03

Description (Chinese)

PHPGurukul Online Shopping Portal是PHPGurukul公司的一个在线商店。 phpgurukul Online Shopping Portal 2.0版本存在安全漏洞，该漏洞源于/admin/insert-product.php中缺少扩展名验证，可能导致任意文件上传。

Description (English)

PHPGurukul Online Shoping Portal is an online shop of PHPGurukul. There is a security loophole in version 2.0 of phpgurukul Online Shoping Portal, which stems from the lack of extension authentication in /admin/insert-product.php, which may lead to the uploading of any document.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PHPGurukul

Published

2025-09-03

Last Modified

2026-02-24

References

https://doc.clickup.com/3897127/p/h/3pxt7-12496/7fdf159633a77d1 https://access.redhat.com/security/cve/cve-2025-57148