CNNVD-202511-3058 Information

CNNVD ID

CNNVD-202511-3058

Related CVE

CVE-2025-13793

• CNNVD Published: 2025-11-30

Description (Chinese)

Ecommerce-Website是Winston Dsouza个人开发者的一个完整的电子商务网站，带有使用 PHP 和 MySql 构建的管理面板。 Ecommerce-Website存在代码注入漏洞，该漏洞源于文件/includes/header_menu.php中参数Error的错误操作，可能导致跨站脚本攻击。

Description (English)

Ecommerce-Website is a complete e-commerce website for Winston Dsouza personal developers with a management panel built using PHP and MySql. Ecommerce-Website has a code-infusion loophole, which stems from the error of Error, the parameter in the file/includes/header menu.php, which could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2025-11-30

Last Modified

2026-02-24

References

https://github.com/dream357/report/blob/main/ecommerce-website.docx https://vuldb.com/?ctiid.333797 https://vuldb.com/?submit.691622 https://vuldb.com/?id.333797 https://access.redhat.com/security/cve/cve-2025-13793