CNNVD-202601-1595 Information

CNNVD ID

CNNVD-202601-1595

Related CVE

CVE-2025-51626

• CNNVD Published: 2026-01-09

Description (Chinese)

pss.sale.com是中国XiaoLiuChu个人开发者的一个商品售卖系统。 pss.sale.com 1.0版本存在安全漏洞，该漏洞源于对端点userfiles/php/cancel_order.php中参数id的错误操作，可能导致SQL注入攻击。

Description (English)

Pss.s.sale.com is a system of sale of goods by Xiao LiuChu personal developers in China. There is a security loophole in version 1.0 of pss.sale.com, which stems from the error of the parameter id in the endpoint userfiles/php/cancel order.php, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-09

Last Modified

2026-02-24

References

https://gist.github.com/hnking-star/17d4c9c990c2324ef109fecb4fc4630c https://gitee.com/XiaoLiuChu/pss.sale.com/tree/master https://access.redhat.com/security/cve/cve-2025-51626