3 matches found
CVE-2023-32065
OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. Detailed Order totals information may be received by Order ID. This issue is patched in version 5.0.11 and 5.1.1...
CVE-2022-31037 OroCommerce vulnerable to Cross-site Scripting via Shipping rule editing page
OroCommerce is an open-source Business to Business Commerce application. Versions between 4.1.0 and 4.1.17 inclusive, 4.2.0 and 4.2.11 inclusive, and between 5.0.0 and 5.0.3 inclusive, are vulnerable to Cross-site Scripting in the UPS Surcharge field of the Shipping rule edit page. The attacker...
File Upload Vulnerability in Multimedia Management Platform of Beijing Tecbeth Technology Co.
Ltd. is a B2B e-commerce platform for digital products, pioneering the information service model. A file upload vulnerability exists in the multimedia management platform of Beijing Tekbest Technology Co. The vulnerability allows an attacker to upload a webshell and gain server privileges...