Lucene search
K

9 matches found

Github Security Blog
Github Security Blog
added 2026/04/30 6:30 p.m.20 views

Shopizer has a path traversal issue

A path traversal vulnerability in the /content/images/add endpoint of shopizer through version 3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request...

10CVSS5.9AI score0.00412EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/30 6:30 p.m.7 views

GHSA-F5W4-7CCJ-5M75 Shopizer has a path traversal issue

A path traversal vulnerability in the /content/images/add endpoint of shopizer through version 3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request...

10CVSS5.9AI score0.00412EPSS
Exploits0References3
NVD
NVD
added 2026/04/30 5:16 p.m.6 views

CVE-2026-36767

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request...

10CVSS0.00412EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/30 12:0 a.m.2 views

CVE-2026-36767

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request...

5.6AI score0.00412EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/30 12:0 a.m.8 views

EUVD-2026-26401

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request...

10CVSS5.5AI score0.00412EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.6 views

CVE-2026-36767

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request...

10CVSS5.5AI score0.00412EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36133

Name of the Vulnerable Software and Affected Versions shopizer version 3.2.5 Description A path traversal issue in the '/content/images/add' endpoint allows attackers to write arbitrary files to any writable path using a crafted POST request. Path traversal is a technique that allows an attacker ...

10CVSS5.9AI score0.00412EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.34 views

CVE-2026-36767

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request...

0.00412EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.14 views

Shopizer 路径遍历漏洞

Shopizer is an open-source e-commerce solution developed by the Shopizer team, based on Java. Version 3.2.5 of Shopizer contains a path traversal vulnerability. This vulnerability stems from the /content/images/add endpoint, where path traversal is possible, allowing attackers to write arbitrary...

10CVSS5.9AI score0.00412EPSS
Exploits0References1
Rows per page
Query Builder