CNNVD-202509-4246 Information
CNNVD ID
CNNVD-202509-4246
Related CVE
- CNNVD Published: 2025-09-27
Description (Chinese)
Code-Projects Online Bidding System是Code-Projects开源的一个在线竞价系统。 Code-Projects Online Bidding System 1.0版本存在SQL注入漏洞,该漏洞源于对文件/administrator/bidlist.php中参数ID的错误操作,可能导致SQL注入攻击。
Description (English)
Code-Projects Online Bidding Systems is an online competitive system open to Code-Projects. The Code-Projects Online Bidding System Version 1.0 contains an injection loophole in SQL, which stems from the error of the parameter ID in the file/administrator/bidlist.php, which could lead to an attack on SQL injection.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
Code-Projects
Published
2025-09-27
Last Modified
2026-02-24
References
https://github.com/Edenchen321/-/blob/main/report.md https://code-projects.org/ https://vuldb.com/?submit.659642 https://vuldb.com/?ctiid.326105 https://vuldb.com/?id.326105 https://access.redhat.com/security/cve/cve-2025-11066
Share on: