Suishang Enterprise-Level B2B2C Multi-User Mall System 安全漏洞

Suishang Enterprise-Level B2B2C Multi-User Mall System is an e-commerce system software from China Suishang Company. A security vulnerability exists in Suishang Enterprise-Level B2B2C Multi-User Mall System version 1.0, which originates from the incorrect operation of the parameter keywords in th...

EUVD-2020-11573

Malware in sbrugna...

EUVD-2018-6479

Malware in sbrugna...

EUVD-2024-16714

Malicious code in bioql PyPI...

CVE-2024-28560

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea function of the Address.php component...

CVE-2024-25248

SQL Injection vulnerability in the orderGoodsDelivery function in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via the orderid parameter...

CVE-2024-25247

SQL Injection vulnerability in /app/api/controller/Store.php in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via latitude and longitude parameters...

CVE-2024-0933

A vulnerability was found in Niushop B2B2C V5 and classified as critical. Affected by this issue is some unknown functionality of the file \app\model\Upload.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

CVE-2020-19670

In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords...

CVE-2024-28559

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the setPrice function of the Goodsbatchset.php component...

CVE-2024-28560

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea function of the Address.php component...

CVE-2024-28559

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the setPrice function of the Goodsbatchset.php component...

CVE-2024-28560

Affected product : Niushop B2B2C, all versions up to 5.3.3. Vulnerability : SQL injection in Niushop B2B2C, enabling privilege escalation via functions in Address.php (deleteArea()) and, per several sources, also via Goodsbatchset.php (setPrice()). Root cause : Improper handling of user-supplied ...

CVE-2024-28560

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea function of the Address.php component...

CVE-2024-28560

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea function of the Address.php component...

CVE-2024-28559

CVE-2024-28559/Security issue in Niushop B2B2C (v5.3.3 and earlier) is a SQL injection in the setPrice() function of Goodsbatchset.php, enabling privilege escalation. Documented impact includes high severity (CVSSv3.1: 8.8, Network vector, Privileges Required: Low, User Interaction: None, Confide...

CVE-2024-28559

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the setPrice function of the Goodsbatchset.php component...

Niushop B2B2C 安全漏洞

Niushop niushop b2b2c is a PHP open source e-commerce multi-merchant system from China Niukoo Information Technology Niushop. A security vulnerability exists in Niushop B2B2C v.5.3.3 and earlier versions. An attacker exploited the vulnerability to extract power via the setPrice function of the...

PT-2024-22462 · Unknown · Niushop B2B2C

Name of the Vulnerable Software and Affected Versions: Niushop B2B2C versions 5.3.3 and earlier Description: A SQL injection issue allows an attacker to escalate privileges via the setPrice function of the Goodsbatchset.php component. The vulnerability is critical and can be exploited to gain...

CVE-2024-28559

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the setPrice function of the Goodsbatchset.php component...