CVE-2020-24026

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explainfirst and againexplain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scriptin...

EUVD-2020-14322

Malware in sbrugna...

EUVD-2020-16762

Malware in sbrugna...

CVE-2020-21554

A File Deletion vulnerability exists in TinyShop 3.1.1 in the backlist parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms...

CVE-2020-21554

A File Deletion vulnerability exists in TinyShop 3.1.1 in the backlist parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms...

CVE-2020-21554

A File Deletion vulnerability exists in TinyShop 3.1.1 in the backlist parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms...

Arbitrary file deletion

A File Deletion vulnerability exists in TinyShop 3.1.1 in the backlist parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms...

CVE-2020-21554

CVE-2020-21554 affects TinyShop 3.1.1. A vulnerability in the back_list parameter of controllers\admin.php can enable a malicious user to delete arbitrary files (e.g., install.lock), potentially reinstalling the CMS. The root cause is a file-deletion flaw in the affected parameter handling, allow...

CVE-2020-21554

A File Deletion vulnerability exists in TinyShop 3.1.1 in the backlist parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms...

TinyShop 安全漏洞

TinyShop is a software application. A free and open source mall with basic sales functionality based on RageFrame2. A security vulnerability exists in TinyShop version 3.1.1, which stems from a file deletion vulnerability in the backlist parameter of the controllersadmin.php file. An attacker can...

CVE-2020-24026

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explainfirst and againexplain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scriptin...

CVE-2020-24026

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explainfirst and againexplain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scriptin...

Cross site scripting

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explainfirst and againexplain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scriptin...

CVE-2020-24026

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explainfirst and againexplain parameters of the /evaluate/index.php page. The vulnerability may be exploited remotely, resulting in cross-site scriptin...

CVE-2020-24026

CVE-2020-24026 concerns TinyShop 1.2.0 (RageFrame2). The vulnerability is a stored XSS via the explain_first and again_explain parameters of /evaluate/index.php, allowing remote exploitation that can lead to XSS or information disclosure. All concrete details provided relate to TinyShop’s version...

TinyShop 跨站脚本漏洞

TinyShop is a software application. A free and open source mall with basic sales functionality based on RageFrame2. A security vulnerability exists in TinyShop 1.2.0, which originates in the explainfirst and attributeexplain parameters of /evaluate/index.php...

Arbitrary File Deletion Vulnerability in TinyShop V3.1.1 E-Commerce System

TinyShop is an e-commerce system online store system based on the Tiny framework, suitable for businesses and individuals to quickly build a personalized online store. An arbitrary file deletion vulnerability exists in TinyShop V3.1.1 e-commerce system due to the system's failure to effectively...

TinyShop V3.0 E-commerce System suffers from SQL Injection Vulnerability

TinyShop is an e-commerce system online store system based on the Tiny framework, suitable for businesses and individuals to quickly build a personalized online store. TinyShop V3.0 e-commerce system suffers from a SQL injection vulnerability due to the system failing to effectively filter...

SQL Injection Vulnerability in TinyShop Frontend Common.php Page

TinyShop is an e-commerce system online store system based on the Tiny framework, suitable for businesses and individuals to quickly build a personalized online store. A SQL injection vulnerability exists in the TinyShop frontend Common.php page. The vulnerability is due to the system failing to...

SQL Injection Vulnerability in TinyShop Frontend ucenter.php Page

TinyShop is an e-commerce system online store system based on the Tiny framework, suitable for businesses and individuals to quickly build a personalized online store. A SQL injection vulnerability exists in the TinyShop frontend ucenter.php page. The vulnerability is due to the system failing to...