CNNVD-202512-2312 Information

CNNVD ID

CNNVD-202512-2312

Related CVE

CVE-2024-58316

• CNNVD Published: 2025-12-12

Description (Chinese)

Online Shopping System Advanced是Puneeth Reddy H C个人开发者的一个网上商店网站。 Online Shopping System Advanced 1.0版本存在SQL注入漏洞，该漏洞源于payment_success.php脚本存在SQL注入，可能导致检索敏感数据库信息。

Description (English)

Online Shoping Systems Advanced is an online shop site for Puneeth Reddy HC personal developers. Online Shoping Systems Advanced Version 1.0 has an SQL injection loophole, which originates from the SQL injection of the Payment success.php script, which may lead to the retrieval of sensitive database information.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2025-12-12

Last Modified

2026-02-24

References

https://github.com/PuneethReddyHC/online-shopping-system-advanced https://www.exploit-db.com/exploits/51811 https://www.vulncheck.com/advisories/online-shopping-system-advanced-sql-injection-via-payment-success-parameter