Lucene search
K

6 matches found

NVD
NVD
added 2024/01/19 10:15 p.m.19 views

CVE-2024-0739

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS7.9AI score0.00751EPSS
Exploits0References3
OSV
OSV
added 2024/01/19 10:15 p.m.5 views

CVE-2024-0739

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.4AI score
Exploits0References3
Prion
Prion
added 2024/01/19 10:15 p.m.16 views

Deserialization of untrusted data

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS7.2AI score0.00751EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/19 10:0 p.m.12 views

CVE-2024-0739 Hecheng Leadshop leadshop.php deserialization

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS7.2AI score0.00751EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/19 10:0 p.m.29 views

CVE-2024-0739 Hecheng Leadshop leadshop.php deserialization

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS9.8AI score0.00751EPSS
Exploits0References3
CVE
CVE
added 2024/01/19 10:0 p.m.59 views

CVE-2024-0739

The CVE describes a deserialization vulnerability in Hecheng Leadshop versions up to 1.4.20. The flaw resides in an unknown function of the file /web/leadshop.php, where manipulating the install argument enables remote code execution via deserialization. Public exploit has been disclosed. Connect...

9.8CVSS9.5AI score0.00751EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder