177 matches found
evershop-stored-xss-cve
Security Vulnerability Disclosure – Stored XSS via File Upload...
CVE-2026-28213
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version...
Weak Password Recovery Mechanism for Forgotten Password
Overview @evershop/evershop is a The React Ecommerce platform. Built with React and Postgres. Open-source and free. Fast and customizable. Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password. An attacker can gain unauthorized access to...
CVE-2026-28213
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version...
EUVD-2026-8911
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version...
CVE-2026-28213 EverShop Vulnerable to Arbitrary Customer Account Takeover via Exposure of Password Reset Token in API Response
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version...
CVE-2026-28213
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version...
CVE-2026-28213 EverShop Vulnerable to Arbitrary Customer Account Takeover via Exposure of Password Reset Token in API Response
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version...
CVE-2026-28213 EverShop Vulnerable to Arbitrary Customer Account Takeover via Exposure of Password Reset Token in API Response
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version...
CVE-2026-28213
EverShop (TypeScript-first eCommerce platform) prior to version 2.1.1 is affected by a vulnerability in the Forgot Password flow. When a target email is specified, the API response reveals the password reset token, enabling potential account takeover. The issue affects versions before 2.1.1; upgr...
PT-2026-22209
Name of the Vulnerable Software and Affected Versions EverShop versions prior to 2.1.1 Description EverShop, a TypeScript-first eCommerce platform, has an issue in the "Forgot Password" functionality. When a target email address is provided, the API response includes the password reset token. Thi...
EverShop 授权问题漏洞
EverShop is an open-source NodeJS e-commerce platform developed by EverShop. Versions of EverShop prior to 2.1.1 had an authorization issue vulnerability. This vulnerability stemmed from the forget password feature returning a password reset token in the API response, which could lead to account...
CVE-2026-25993
EverShop is a TypeScript-first eCommerce platform. During category update and deletion event handling, the application embeds path / requestpath values—derived from the urlkey stored in the database—into SQL statements via string concatenation and passes them to execute. As a result, if a malicio...
SQL Injection
Overview @evershop/evershop is a The React Ecommerce platform. Built with React and Postgres. Open-source and free. Fast and customizable. Affected versions of this package are vulnerable to SQL Injection via the category value used for update and delete operations. It is input to the execute...
CVE-2026-25993
EverShop is a TypeScript-first eCommerce platform. During category update and deletion event handling, the application embeds path / requestpath values—derived from the urlkey stored in the database—into SQL statements via string concatenation and passes them to execute. As a result, if a malicio...
CVE-2026-25993
EverShop (TypeScript-based eCommerce platform) is affected by a second-order SQL injection during category update/delete handling. The vulnerability stems from embedding path/request_path values, derived from the url_key stored in the database, into SQL statements via string concatenation that ar...
CVE-2026-25993 EverShop has a Second-Order SQL Injection in URL Rewrite Processing Derived from Category URL Keys
EverShop is a TypeScript-first eCommerce platform. During category update and deletion event handling, the application embeds path / requestpath values—derived from the urlkey stored in the database—into SQL statements via string concatenation and passes them to execute. As a result, if a malicio...
PT-2026-7418
Name of the Vulnerable Software and Affected Versions EverShop versions prior to 2.1.1 Description EverShop is a TypeScript-first eCommerce platform susceptible to a second-order SQL injection. During category update and deletion event handling, the application incorporates values from the url...
EverShop SQL注入漏洞
EverShop is an open-source NodeJS e-commerce platform developed by EverShop. Versions of EverShop prior to 2.1.1 contained a SQL injection vulnerability. This vulnerability occurred when processing category updates and deletions, where the urlkey value was embedded into SQL statements through...
CVE-2025-67427
A Blind Server-Side Request Forgery SSRF vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to force the server to initiate an HTTP request via the "GET /images" API. The vulnerability occurs due to insufficient validation of the "src" query parameter, which permits...