CNNVD-202511-096 Information

CNNVD ID

CNNVD-202511-096

Related CVE

CVE-2025-12617

• CNNVD Published: 2025-11-03

Description (Chinese)

itsourcecode Billing System是itsourcecode开源的一个系统开发的PHP MySQL数据库，使用HTML，CSS，Bootstrap，JavaScript，Ajax，J Query和Modal。这个PH 计费系统项目包含一个管理员端，管理员可以在其中管理所有计费活动和客户信息。 itsourcecode Billing System 1.0版本存在SQL注入漏洞，该漏洞源于对文件/admin/app/login_crud.php中参数Password的错误操作，可能导致SQL注入攻击。

Description (English)

Its sourcecode Billing System is a PHP MySQL database developed by a system that is open to use HTML, CSS, Bootstream, JavaScript, Ajax, J Query and Modal. The PH billing system project includes a manager-end in which managers manage all billing activities and client information. Its sourcecode Billing System Version 1.0 contains an injection loophole in SQL, which results from an error in the parameter Password in the document/admin/app/login crud.php, which could lead to an attack on SQL injection.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

itsourcecode

Published

2025-11-03

Last Modified

2026-02-24

References

https://www.yuque.com/yuqueyonghuexlgkz/zepczx/py9oh6m1p7mx4eqr?singleDoc https://vuldb.com/?id.330911 https://vuldb.com/?submit.678665 https://vuldb.com/?ctiid.330911 https://itsourcecode.com/