4 matches found
SQL Injection Vulnerability in the change_store_num Method of WK+shop General Mall System
WK+shop is a mall system based on the technology of PHP+MySQL, developed using ThinkPHP5.0 framework, which combines the Witcott mission system with multiple mall systems. WK+shop general mall system changestorenum method has a SQL injection vulnerability, attackers can construct a specific URL t...
SQL Injection Vulnerability in WK+shop General Mall System
WK+shop is a mall system based on the technology of PHP+MySQL, developed using ThinkPHP5.0 framework, which combines the Witcott mission system with multiple mall systems. WK+shop General Mall System suffers from a SQL injection vulnerability, which allows an attacker to obtain sensitive database...
WK+shop mall system has arbitrary file deletion vulnerability
WK+shop is a mall system based on the technology of PHP+MySQL, developed using ThinkPHP5.0 framework, which combines the Witcott mission system with multiple mall systems. WK+shop Universal Mall System has an arbitrary file deletion vulnerability, an attacker can delete arbitrary files on disk by...
File Upload Vulnerability in WK+shop General Mall System
WK+shop is a mall system based on the technology of PHP+MySQL, developed using ThinkPHP5.0 framework, which combines the Witcott mission system with multiple mall systems. A file upload vulnerability exists in the WK+shop universal mall system, which allows an attacker to upload arbitrary files a...