CNNVD-202510-3640 Information
CNNVD ID
CNNVD-202510-3640
Related CVE
- CNNVD Published: 2025-10-27
Description (Chinese)
Projectworlds Online Shopping System是奥地利Projectworlds公司的一个在线购物系统。 Projectworlds Online Shopping System 1.0版本存在SQL注入漏洞,该漏洞源于对文件/login_submit.php中参数keywords的错误操作,可能导致SQL注入攻击。
Description (English)
Projectworlds Online Shoping Systems is an online shopping system of the Austrian Projectworlds company. Projectworlds Online Shoping System Version 1.0 contains an injection loophole in SQL, which results from a mishandling of the parameter keywords in the document/login submit.php, which could lead to an attack on SQL injection.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
Projectworlds
Published
2025-10-27
Last Modified
2026-02-24
References
https://vuldb.com/?id.329885 https://vuldb.com/?ctiid.329885 https://github.com/juzidddd/SQL-Injection-Vulnerability-in-Projectworlds-PHP-Online-Shopping-System/issues/1 https://vuldb.com/?submit.673302
Share on: