CNNVD-202601-1611 Information

CNNVD ID

CNNVD-202601-1611

Related CVE

CVE-2025-15496

• CNNVD Published: 2026-01-09

Description (Chinese)

yshopmall是guchengwuyue个人开发者的一个商城系统。 yshopmall 1.9.1及之前版本存在安全漏洞，该漏洞源于对文件/api/jobs中参数sort的错误操作，可能导致SQL注入攻击。

Description (English)

Yshopmall is a mall system of guchengwuyue personal developers. There is a security loophole in yshopmall 1.9.1 and earlier versions, which stems from an error in the sort of the parameters in the document/api/jobs, which could lead to an attack on SQL.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-09

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.340274 https://vuldb.com/?submit.726464 https://vuldb.com/?id.340274 https://github.com/guchengwuyue/yshopmall/issues/39#issue-3769727898 https://access.redhat.com/security/cve/cve-2025-15496