CNNVD-202601-5000 Information

CNNVD ID

CNNVD-202601-5000

Related CVE

CVE-2020-37033

• CNNVD Published: 2026-01-30

Description (Chinese)

Infor Storefront B2B是美国Infor公司的一个电子商务平台。 Infor Storefront B2B 1.0版本存在SQL注入漏洞，该漏洞源于登录请求中的usr_name参数处理不当，可能导致SQL注入攻击。

Description (English)

Infor Storefront B2B is an e-commerce platform for Infor Corporation in the United States. InforStorefront B2B 1.0 has an injection loophole in SQL, which stems from the inappropriate handling of the usr name parameter in the login request, which could lead to an SQL injection attack.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

Infor

Published

2026-01-30

Last Modified

2026-02-24

References

https://www.insitesoft.com/infor-storefront/ https://web.archive.org/web/20191223051205/ https://www.exploit-db.com/exploits/48674 https://www.vulncheck.com/advisories/infor-storefront-bb-usrname-sql-injection