ID
VAR-202004-2255
TITLE
There is a SQL injection vulnerability in the or***.php file of Jinwei Mobile Store
Trust: 0.6
sources:
CNVD: CNVD-2020-23561
DESCRIPTION
The Jinwei mobile shopping mall system is suitable for Wechat customers with a public account. It imitates the layout of the page and supports embedded video playback. Support custom model specifications, main specifications support accompanying pictures, each subdivision model supports inventory control, subdivision models can set different prices. There is a SQL injection vulnerability in the or***.php file of the Jinwei mobile shopping mall system. Attackers can use vulnerabilities to obtain sensitive database information.
Trust: 0.6
sources:
CNVD: CNVD-2020-23561
IOT TAXONOMY
| category: | ['IoT'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2020-23561
AFFECTED PRODUCTS
| vendor: | hubei taoma qianwei information | model: | jinwei mobile shopping system | scope: | eq | version: | v0.2.5 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-23561
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2020-23561
PATCH
| title: | There is a SQL injection vulnerability in order.php of version 0.2.4 of the Jinwei mobile shopping mall system | url: | https://www.cnvd.org.cn/patchinfo/show/208825 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-23561
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2020-23561 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-23561
SOURCES
| db: | CNVD | id: | CNVD-2020-23561 |
LAST UPDATE DATE
2022-05-04T09:28:10.141000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2020-23561 | date: | 2020-04-24T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2020-23561 | date: | 2020-04-27T00:00:00 |