CNNVD-202602-1006 Information

CNNVD ID

CNNVD-202602-1006

Related CVE

CVE-2019-25299

• CNNVD Published: 2026-02-06

Description (Chinese)

AhadPOS是rimbalinux个人开发者的一个基于Web的销售点软件。 AhadPOS 1.11版本存在SQL注入漏洞，该漏洞源于alamatCustomer参数存在SQL注入，可能导致攻击者提取信息或与底层数据库交互。

Description (English)

AhadPOS is a Web-based marketing point software for the personal developers of the rimbalinux. Version 1.11 of AhadPOS has an injection loophole in SQL, which stems from the presence of SQL injections of the lamatCustomer parameter, which may lead to the attackers extracting information or interacting with the bottom database.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/rimbalinux/AhadPOS https://www.exploit-db.com/exploits/47585 https://www.vulncheck.com/advisories/rimbalinux-ahadpos-alamatcustomer-sql-injection