CVE-2023-2713

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15...

CVE-2023-2712

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server. This issue affects Rental Module: before 23.05.15...

CVE-2023-2713

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass. This issue affects Rental Module: before 23.05.15...

PT-2023-20965

Name of the Vulnerable Software and Affected Versions Rental Module versions prior to 23.05.15 Description The issue allows Command Injection and enables attackers to upload malicious files, including web shells, to a web server. This is due to an Unrestricted Upload of File with Dangerous Type...

Ideasoft E-commerce Platform 代码问题漏洞

Ideasoft E-commerce Platform is an open source e-commerce platform from Ideasoft. Ideasoft E-commerce Platform before version 23.05 there is a code issue vulnerability, the vulnerability stems from the Rental Module has a dangerous type of file unrestricted upload vulnerability, allowing command...