CNNVD-202510-1382 Information
CNNVD ID
CNNVD-202510-1382
Related CVE
- CNNVD Published: 2025-10-09
Description (Chinese)
Code-Projects E-Commerce Website是Code-Projects开源的一个电商网站。 code-projects E-Commerce Website 1.0版本存在SQL注入漏洞,该漏洞源于对文件/pages/supplier_update.php中参数supp_id的错误操作,可能导致SQL注入攻击。
Description (English)
Code-Projects E-Commerce Website is a supplier’s website that is open to Code-Projects. Code-project E-Commerce Website Version 1.0 contains an injection loophole in SQL, which stems from an error in the application of the parameter supp id in the file/pages/supp update.php, which may lead to an attack on SQL injection.
Hazard Level
Low
Vulnerability Type
SQL注入
Affected Vendor
Code-Projects
Published
2025-10-09
Last Modified
2026-02-24
References
https://code-projects.org/ https://github.com/cxm947/CVE-report-251006 https://vuldb.com/?ctiid.327638 https://vuldb.com/?id.327638 https://vuldb.com/?submit.669747 https://github.com/cxm947/CVE-report-251006/blob/main/report.md
Share on: