CNNVD-202510-292 Information

CNNVD ID

CNNVD-202510-292

Related CVE

CVE-2025-56162

• CNNVD Published: 2025-10-02

Description (Chinese)

Yoshop是中国yiovo开源的一款电商系统。 Yoshop 2.0版本存在安全漏洞，该漏洞源于未经验证的goodsIds参数，可能导致SQL注入攻击。

Description (English)

Yoshop is an electric power provider system that is open to Yiovo in China. There is a security loophole in Yoshop 2.0, which originates from unverified GoodsIDs parameters and could lead to an attack by SQL.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

yiovo

Published

2025-10-02

Last Modified

2026-02-24

References

https://gitee.com/xany/yoshop2.0 https://github.com/ZyWAC/CVE-Disclosures/blob/6b337a44934ffe948275995e9b79158e97c78fc4/2025/YOSHOP2.0/CVE-2025-56162.md