漏洞描述
SourceCodester Web-based Pharmacy Product Management System是SourceCodester开源的一个基于 Web 的药房产品管理系统。 SourceCodester Web-based Pharmacy Product Management System 1.0版本存在命令注入漏洞,该漏洞源于对文件backup.php中参数txtdbname的错误操作导致操作系统命令注入。
SourceCodester Web-based Pharmacy Product Management System 命令注入漏洞
PoC代码
暂无相关漏洞推荐
- School Fees Payment System /student.php SQL 注入漏洞(CVE-2025-6403)
- POC CVE-2025-6403: Code-Projects School Fees Payment System 1.0 - SQL Injection
- 中成科信票务管理系统 /SystemManager/OrderManager/OrderManager.ashx 文件读取漏洞
- 亿赛通电子文档安全管理系统 /CDGServer3/logManagement/LogDownLoadService SQL 注入漏洞
- 孚盟云CRM AjaxProductTemplateList.ashx SQL 注入漏洞
- HJSoft HCM Human Resources Management System /selfservice/lawresource/downlawbase SQL 注入漏洞(CVE-2025-10197)
- Code-Projects Project Monitoring System SQL注入漏洞
- CodeAstro Gym Management System SQL注入漏洞
- CodeAstro Gym Management System SQL注入漏洞
- ZYCOO CooVox Series IP Phone System /login 默认口令漏洞
- PHPGurukul Employee Record Management System 代码注入漏洞
- Code-Projects Simple Scheduling System SQL注入漏洞
- Code-Projects Simple Scheduling System SQL注入漏洞