漏洞描述
E-Commerce-Website-Using-PHP是一款免费开源的全功能电商网站项目。 E-Commerce-Website-Using-PHP 1.0版本存在注入漏洞,该漏洞源于对参数p_cat的错误操作会导致SQL注入。
E-Commerce-Website-Using-PHP 注入漏洞
PoC代码
暂无相关漏洞推荐
- phpMyFAQ /api/setup/backup 信息泄露漏洞(CVE-2025-69200)
- PHP 安全漏洞
- POC CVE-2019-10647: ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE)
- POC wp-woocommerce-admin-fpd: WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure
- POC CVE-2022-28666: Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- POC functions-php-disclosure: functions.php Full Path Disclosure
- WordPress WooCommerce Designer Pro 插件 /wp-admin/admin-ajax.php wcdp_save_canvas_design_ajax 文件上传漏洞(CVE-2025-6440)
- POC CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS
- POC CVE-2025-44137: MapTiler Tileserver-php v2.0 - Unauthenticated File Read
- POC generic-php-files: Generic PHP Backup Information Disclosure
- WordPress Google for WooCommerce /wp-content/plugins/google-listings-and-ads/vendor/googleads/google-ads-php/scripts/print_php_information.php 信息泄露漏洞(CVE-2024-10486)
- Adobe Commerce/Magento SessionReaper /customer/address_file/upload 文件上传漏洞(CVE-2025-54236)