CNNVD-202509-4243 Information

CNNVD ID

CNNVD-202509-4243

Related CVE

CVE-2025-11070

• CNNVD Published: 2025-09-27

Description (Chinese)

Projectworlds Online Shopping System是奥地利Projectworlds公司的一个在线购物系统。 Projectworlds Online Shopping System 1.0版本存在SQL注入漏洞，该漏洞源于对文件/store/cart_add.php中参数ID的错误操作，可能导致SQL注入攻击。

Description (English)

Projectworlds Online Shoping Systems is an online shopping system of the Austrian Projectworlds company. Projectworlds Online Shoping System Version 1.0 contains an injection loophole in SQL, which results from an error in the operation of parameter ID in the file/store/cart add.php, which could lead to an attack on SQL injection.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

Projectworlds

Published

2025-09-27

Last Modified

2026-02-24

References

https://vuldb.com/?submit.659660 https://vuldb.com/?id.326109 https://github.com/underatted/CVE/issues/5 https://vuldb.com/?ctiid.326109 https://access.redhat.com/security/cve/cve-2025-11070