CNNVD-202510-2625 Information

CNNVD ID

CNNVD-202510-2625

Related CVE

CVE-2025-61455

• CNNVD Published: 2025-10-20

Description (Chinese)

E-commerce是Bhabishya Ghimire个人开发者的一个动态的电子商务网站。 E-commerce 1.0版本存在安全漏洞，该漏洞源于signup.inc.php端点未清理用户输入，可能导致SQL注入攻击和身份验证绕过。

Description (English)

E-commerce is a dynamic e-commerce website for Bhabishya Ghimire personal developers. There is a security loophole in version E-commerce 1.0, which originates from uncleaned user input at the signup.inc.php endpoint, which may result in SQL being injected into attack and identification bypassing.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-20

Last Modified

2026-02-24

References

https://github.com/tansique-17/CVE-2025-61455 https://access.redhat.com/security/cve/cve-2025-61455