CNNVD-202602-1201 Information

CNNVD ID

CNNVD-202602-1201

Related CVE

CVE-2026-2164

• CNNVD Published: 2026-02-08

Description (Chinese)

E-commerce是Bhabishya Ghimire个人开发者的一个动态的电子商务网站。 E-commerce 1.0.0版本存在代码问题漏洞，该漏洞源于对文件/seller/assets/backend/profile/addadhar.php中参数File的错误操作，可能导致任意文件上传。

Description (English)

E-commerce is a dynamic e-commerce website for Bhabishya Ghimire personal developers. There is a code gap in version E-commerce 1.0.0, which stems from an error in the argument File in file/seller/assets/backend/file/addadhar.php, which may lead to any upload of the document.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2026-02-08

Last Modified

2026-02-24

References

https://vuldb.com/?id.344866 https://github.com/Nixon-H/PHP-Unrestricted-Upload-RCE https://github.com/detronetdip/E-commerce/ https://github.com/detronetdip/E-commerce/issues/23 https://vuldb.com/?ctiid.344866 https://vuldb.com/?submit.751853 https://access.redhat.com/security/cve/cve-2026-2164