CNNVD-202512-966 Information
Dec 08, 2025
cve
CNNVD ID
CNNVD-202512-966
Related CVE
- CNNVD Published: 2025-12-08
Description (Chinese)
IdeaCMS是IdeaCMS开源的一个商场系统。 IdeaCMS 1.8版本及之前版本存在SQL注入漏洞,该漏洞源于对文件app/common/logic/index/Coupon.php中参数params的错误操作,可能导致SQL注入攻击。
Description (English)
IdeaCMS is a commercial system open to IdeaCMS. IdeaCMS 1.8 and previous versions contained an injection loophole in SQL, which stemmed from an error in the operation of the parameter params in documentapp/common/logic/index/Coupon.php, which could lead to an attack on SQL injection.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
IdeaCMS
Published
2025-12-08
Last Modified
2026-02-24
References
https://github.com/rassec2/dbcve/issues/17 https://vuldb.com/?ctiid.334755 https://vuldb.com/?id.334755 https://vuldb.com/?submit.702437
Share on: