CNNVD-202602-229 Information
CNNVD ID
CNNVD-202602-229
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Fishing Reservation System是Fishing Reservation公司的一个钓鱼预约系统。 Fishing Reservation System 7.5版本存在SQL注入漏洞,该漏洞源于admin.php、cart.php和calendar.php中存在多个远程SQL注入漏洞,攻击者可通过uid、pid、type、m、y和code等参数注入恶意SQL命令,可能导致数据库管理系统和Web应用被攻陷。
Description (English)
Fishing Reservation System is a fishing reservation system of Fishing Reservation. Fishing Service System 7.5 has a leak in SQL, which originates from multiple remote SQL injection holes in admin.php, cart.php and calendar.php, where the attackers can inject malicious SQL orders through parameters such as uid, Pid, type, m, y and code, which could lead to the collapse of the database management system and Web application.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
Fishing Reservation
Published
2026-02-03
Last Modified
2026-02-24
References
https://fishingreservationsystem.com/index.html https://www.exploit-db.com/exploits/48417 https://www.vulncheck.com/advisories/fishing-reservation-system-uid-sql-injection https://www.vulnerability-lab.com/get_content.php?id=2243
Share on: