CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2024/03/22 12:15 p.m.•7 views

CVE-2024-28560

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea function of the Address.php component...

5.4CVSS7.7AI score0.00578EPSS

Exploits1References4

Cvelist•added 2024/03/22 12:0 a.m.•14 views

CVE-2024-28560

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea function of the Address.php component...

8AI score0.00578EPSS

Exploits1References4

CVE•added 2024/03/22 12:0 a.m.•61 views

CVE-2024-28560

Affected product : Niushop B2B2C, all versions up to 5.3.3. Vulnerability : SQL injection in Niushop B2B2C, enabling privilege escalation via functions in Address.php (deleteArea()) and, per several sources, also via Goodsbatchset.php (setPrice()). Root cause : Improper handling of user-supplied ...

5.4CVSS8.1AI score0.00578EPSS

Exploits1References4Affected Software1

CNNVD•added 2024/03/22 12:0 a.m.•1 views

Niushop B2B2C 安全漏洞

Niushop niushop b2b2c is a PHP open source e-commerce multi-merchant system from China Niukoo Information Technology Niushop. A security vulnerability exists in Niushop B2B2C v.5.3.3 and earlier versions. An attacker exploited the vulnerability to extract power via the deleteArea function of the...

8.8CVSS6.4AI score0.00582EPSS

Exploits2References5