CNNVD-202511-1953 Information

CNNVD ID

CNNVD-202511-1953

Related CVE

CVE-2025-13257

• CNNVD Published: 2025-11-17

Description (Chinese)

Inventory Management System是stemword个人开发者的一个库存管理系统。 Inventory Management System 1.0版本存在SQL注入漏洞，该漏洞源于对文件/admin/user/index.php?view=edit中参数ID的错误操作，可能导致SQL注入。

Description (English)

Inventory Management Systems is an inventory management system for the personal developers of Stemword. Version 1.0 of Inventory Management System has an injection loophole in SQL, which is the result of a mishandling of parameter ID in document/admin/user/index.php?view=edit, which may lead to SQL injection.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2025-11-17

Last Modified

2026-02-24

References

https://vuldb.com/?id.332592 https://vuldb.com/?submit.687863 https://vuldb.com/?ctiid.332592 https://github.com/iamzzzzz/iam/issues/3 https://itsourcecode.com/ https://access.redhat.com/security/cve/cve-2025-13257