CNNVD-202511-2364 Information

CNNVD ID

CNNVD-202511-2364

Related CVE

CVE-2025-13451

• CNNVD Published: 2025-11-20

Description (Chinese)

SourceCodester Online Shop Project是SourceCodester开源的一个在线商店项目。 SourceCodester Online Shop Project 1.0版本存在安全漏洞，该漏洞源于对文件/action.php中参数Search的错误操作，可能导致SQL注入攻击。

Description (English)

The SourceCodester Online Shop Project is an online shop project that is open to ServiceCodester. The security loophole in version 1.0 of SourceCodester Online Shop Project stems from an error in the Search parameter in file/action.php, which could lead to an injection attack on SQL.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

SourceCodester

Published

2025-11-20

Last Modified

2026-02-24

References

https://github.com/xiaojuzirr/cve/issues/4 https://vuldb.com/?ctiid.333021 https://vuldb.com/?id.333021 https://vuldb.com/?submit.694674 https://www.sourcecodester.com/