CNNVD-202511-1892 Information

CNNVD ID

CNNVD-202511-1892

Related CVE

CVE-2024-44652

• CNNVD Published: 2025-11-17

Description (Chinese)

Kashipara Online Furniture Shopping Ecommerce Website是Kashipara公司的一个快速网上购物电子商务网站。 Kashipara Online Furniture Shopping Ecommerce Website 1.0版本存在安全漏洞，该漏洞源于user_register.php中user_email、username、user_firstname、user_lastname和user_address参数未经验证，可能导致SQL注入攻击。

Description (English)

Kashipara Online Furniture Shoping Ecommerce Website is a fast-track e-commerce website for Kashipara. There is a security loophole in version 1.0 of Kashipara Online Furniture Shopping Ecommerce Website, which originates from user register.php:user email, user firstname, user lastname and user address parameters, which could lead to an unverified SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Kashipara

Published

2025-11-17

Last Modified

2026-02-24

References

https://github.com/leexsoyoung/CVEs/blob/main/CVE-2024-44652.md https://www.kashipara.com/project/php/322/ecommerce-website-in-php-with-source-code-download https://access.redhat.com/security/cve/cve-2024-44652