CNNVD-202510-3582 Information

CNNVD ID

CNNVD-202510-3582

Related CVE

CVE-2025-12267

• CNNVD Published: 2025-10-27

Description (Chinese)

Modern Shop - PHP eCommerce Platform是ABHIRAM B个人开发者的一个在线商城网站。 Modern Shop - PHP eCommerce Platform 20250922版本存在代码注入漏洞，该漏洞源于对文件/search中参数q的错误操作，可能导致跨站脚本攻击。

Description (English)

Modern Shop - PHP eCommerce Platform is an online mall site for ABHIRAM B personal developers. The Modern Shop - PHP eCommerce Platform 202500922 version has a code-injecting loophole, which stems from an error in the q of the parameter in the file/search and may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2025-10-27

Last Modified

2026-02-24

References

https://vuldb.com/?submit.673717 https://vuldb.com/?ctiid.329939 https://vuldb.com/?id.329939 https://www.codester.com/items/comments/58847/modern-shop-php-ecommerce-platform https://cxsecurity.com/issue/WLB-2025110006