CNNVD-202602-1200 Information

CNNVD ID

CNNVD-202602-1200

Related CVE

CVE-2026-2165

• CNNVD Published: 2026-02-08

Description (Chinese)

E-commerce是Bhabishya Ghimire个人开发者的一个动态的电子商务网站。 E-commerce 1.0.0版本存在访问控制错误漏洞，该漏洞源于对文件/Admin/assets/backend/seller/add_seller.php中参数email的错误操作，可能导致身份验证缺失。

Description (English)

E-commerce is a dynamic e-commerce website for Bhabishya Ghimire personal developers. Version E-commerce 1.0.0 contains a bug in access control, which stems from an error in the email of the parameter in the document/Admin/assets/backend/seller/add seller.php, which may lead to a missing identity.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

个人开发者

Published

2026-02-08

Last Modified

2026-02-24

References

https://vuldb.com/?id.344867 https://github.com/Nixon-H/Unauthenticated-Admin-Account-Creation https://vuldb.com/?submit.751857 https://github.com/detronetdip/E-commerce/ https://github.com/detronetdip/E-commerce/issues/23 https://vuldb.com/?ctiid.344867 https://access.redhat.com/security/cve/cve-2026-2165