CNNVD-202511-1887 Information

Nov 17, 2025 cve

CNNVD ID

CNNVD-202511-1887

CVE-2024-44651

CNNVD Published: 2025-11-17

Description (Chinese)

Kashipara Online Furniture Shopping Ecommerce Website是Kashipara公司的一个快速网上购物电子商务网站。 Kashipara Online Furniture Shopping Ecommerce Website 1.0版本存在安全漏洞，该漏洞源于user_password_recover.php中recover_email参数未经验证，可能导致SQL注入攻击。

Description (English)

Kashipara Online Furniture Shoping Ecommerce Website is a fast-track e-commerce website for Kashipara. There is a security loophole in version 1.0 of Kashipara Online Furniture Shopping Ecommerce Website, which originates from unverified recover email parameters in user password recover.php, which may lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Kashipara

Published

2025-11-17

Last Modified

2026-02-24

References

https://github.com/leexsoyoung/CVEs/blob/main/CVE-2024-44651.md https://www.kashipara.com/project/php/322/ecommerce-website-in-php-with-source-code-download https://access.redhat.com/security/cve/cve-2024-44651

Share on: