269 matches found
Smartstore SmartStoreNET Directory Traversal Vulnerability
Smartstore SmartStoreNET is an open source e-commerce Web platform of Germany Smartstore company . The platform includes CRM, CMS, sales, marketing, payment, order processing and other functions. A security vulnerability exists in Smartstore versions prior to 4.1.0 that allows path traversal in...
Command Execution Vulnerability in UFIDA NC (CNVD-2021-36505)
UFIDA NC is a large erp enterprise management system and e-commerce platform. UFIDA NC suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Command Execution Vulnerability in UFIDA NC
UFIDA NC is a large erp enterprise management system and e-commerce platform. UFIDA NC suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Apache OFBiz RCE Vulnerability
Apache OFBiz is an e-commerce platform for building medium-sized and large enterprise-class, cross-platform, cross-database, cross-application server multi-tier, distributed e-commerce applications. An RCE vulnerability exists in Apache OFBiz. An unauthenticated attacker can exploit this...
SQL Injection Vulnerability in Dascommerce Multi-User Mall System 2.0 Home Page
Large business creation multi-user mall system is mainly oriented to the high-end enterprise-level users, to create self-operated + investment in the e-commerce platform similar to the diversified business model of Jingdong, Tmall, the group purchase, e-commerce retail, wholesale in one, to help...
SQL Injection Vulnerability in Tesco Mall System
Tesco mall system for the majority of small and medium-sized enterprises to develop a professional-level e-commerce mall platform system. Ease2Shop Mall system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
Smartstore SmartStoreNET Cross-Site Request Forgery Vulnerability
Smartstore SmartStoreNET is an open source e-commerce Web platform of Germany Smartstore company . The platform includes CRM, CMS, sales, marketing, payment, order processing and other functions. A cross-site request forgery vulnerability exists in Smartstore SmartStoreNET versions prior to 4.1.0...
Adobe Magento Cross-Site Scripting Vulnerability (CNVD-2021-13918)
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento Access Control Bypass Vulnerability
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento Cross-Site Scripting Vulnerability (CNVD-2021-13917)
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento File Upload Limit Bypass Vulnerability
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento Command Injection Vulnerability
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento 代码问题漏洞
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
Adobe Magento 操作系统命令注入漏洞
Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...
CMSWing SQL Injection Vulnerability (CNVD-2021-09500)
CMSWing is a ThinkJS-based e-commerce platform and CMS builder. CMSWing 1.3.8 suffers from a SQL injection vulnerability. The vulnerability stems from the updateAction function not checking the detail parameter. An attacker can exploit this vulnerability to execute arbitrary SQL commands via...
HCL Commerce Information Disclosure Vulnerability
HCL Commerce is a software platform framework for e-commerce from HCL India. The software includes marketing, sales, customer and order processing functions in a customizable and integrated package. It is a unified platform that provides the ability to conduct business directly with consumers, wi...
The vulnerability of the sub-component of the Dynamo Application Framework within the component of the Oracle Commerce Platform of the e-commerce platform Oracle Commerce allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the sub-component of the Dynamo Application Framework within the Oracle Commerce Platform of the e-commerce platform Oracle Commerce exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to remotely access and modify,...
Critical Magento Flaws Allow Code Execution
Critical flaws in Adobe’s Magento e-commerce platform – which is commonly targeted by attackers like the Magecart cybergang – could enable arbitrary code execution on affected systems. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. Adobe on Tuesda...
SQL Injection Vulnerability in CMSWing of Xi'an Huashang Software Technology Co.
CMSWING is a ThinkJS-based e-commerce platform and CMS builder. Xi'an Huashang Software Technology Co., Ltd CMSWing suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
Ltd. cross-border e-commerce integrated platform has SQL injection vulnerability
Ltd. was founded in 2013 as an information technology service provider. Ltd. cross-border e-commerce integrated platform suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...