CNNVD-202602-273 Information
CNNVD ID
CNNVD-202602-273
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Fikir Odalari AdminPando是土耳其Fikir Odalari公司的一个后台管理系统。 Fikir Odalari AdminPando 1.0.1版本(2026-01-26之前)存在SQL注入漏洞,该漏洞源于登录功能中的用户名和密码参数存在SQL注入,可能导致未经验证攻击者完全绕过身份验证。
Description (English)
Fikir Odalari AdminPando is a back-office management system for the Turkish company Fikir Odalari. Fikir Odalari AdminPando version 1.0.1 (before 2026-01-26) contains a leak in SQL, which stems from the presence of SQL in user names and password parameters in the login function, which may result in the complete circumvention of identification by uncertified assailants.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
Fikir Odalari
Published
2026-02-03
Last Modified
2026-02-24
References
https://github.com/onurcangnc/CVE-2025-10878-AdminPandov1.0.1-SQLi https://onurcangenc.com.tr/posts/cve-2025-10878-sql-authentication-bypass-in-fikir-odalar%C4%B1-adminpando/
Share on: