CNNVD-202511-2076 Information
CNNVD ID
CNNVD-202511-2076
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
SourceCodester Train Station Ticketing System是SourceCodester开源的一个火车站售票系统。 SourceCodester Train Station Ticketing System 1.0版本存在SQL注入漏洞,该漏洞源于对文件/ajax.php中参数Username的错误操作,可能导致SQL注入攻击。
Description (English)
SourceCodester Train Service Ticking System is a ticket-sale system at the SourceCodester station. The sourceCodester Train Service Ticking System Version 1.0 contains an injection loophole in SQL, which is the result of an error in Username, the parameter in the document/ajax.php, which may lead to an attack on SQL injection.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
SourceCodester
Published
2025-11-18
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.332762 https://vuldb.com/?submit.691940 https://github.com/puppytgyh/-CVE/issues/14 https://www.sourcecodester.com/ https://vuldb.com/?id.332762 https://access.redhat.com/security/cve/cve-2025-13344
Share on: