Lucene search
+L

269 matches found

CNVD
CNVD
added 2021/05/21 12:0 a.m.8 views

Smartstore SmartStoreNET Directory Traversal Vulnerability

Smartstore SmartStoreNET is an open source e-commerce Web platform of Germany Smartstore company . The platform includes CRM, CMS, sales, marketing, payment, order processing and other functions. A security vulnerability exists in Smartstore versions prior to 4.1.0 that allows path traversal in...

9.1CVSS6.7AI score0.01802EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/12 12:0 a.m.2 views

Command Execution Vulnerability in UFIDA NC (CNVD-2021-36505)

UFIDA NC is a large erp enterprise management system and e-commerce platform. UFIDA NC suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

7.6AI score
Exploits0
CNVD
CNVD
added 2021/04/07 12:0 a.m.3 views

Command Execution Vulnerability in UFIDA NC

UFIDA NC is a large erp enterprise management system and e-commerce platform. UFIDA NC suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

7.6AI score
Exploits0
CNVD
CNVD
added 2021/03/22 12:0 a.m.8 views

Apache OFBiz RCE Vulnerability

Apache OFBiz is an e-commerce platform for building medium-sized and large enterprise-class, cross-platform, cross-database, cross-application server multi-tier, distributed e-commerce applications. An RCE vulnerability exists in Apache OFBiz. An unauthenticated attacker can exploit this...

9.8CVSS6.8AI score0.97822EPSS
Exploits9References1
CNVD
CNVD
added 2021/03/10 12:0 a.m.3 views

SQL Injection Vulnerability in Dascommerce Multi-User Mall System 2.0 Home Page

Large business creation multi-user mall system is mainly oriented to the high-end enterprise-level users, to create self-operated + investment in the e-commerce platform similar to the diversified business model of Jingdong, Tmall, the group purchase, e-commerce retail, wholesale in one, to help...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/03/05 12:0 a.m.5 views

SQL Injection Vulnerability in Tesco Mall System

Tesco mall system for the majority of small and medium-sized enterprises to develop a professional-level e-commerce mall platform system. Ease2Shop Mall system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/03/03 12:0 a.m.7 views

Smartstore SmartStoreNET Cross-Site Request Forgery Vulnerability

Smartstore SmartStoreNET is an open source e-commerce Web platform of Germany Smartstore company . The platform includes CRM, CMS, sales, marketing, payment, order processing and other functions. A cross-site request forgery vulnerability exists in Smartstore SmartStoreNET versions prior to 4.1.0...

8.8CVSS6.6AI score0.00823EPSS
Exploits1References1
CNVD
CNVD
added 2021/02/10 12:0 a.m.14 views

Adobe Magento Cross-Site Scripting Vulnerability (CNVD-2021-13918)

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

4.8CVSS6.4AI score0.84674EPSS
Exploits1References1
CNVD
CNVD
added 2021/02/10 12:0 a.m.9 views

Adobe Magento Access Control Bypass Vulnerability

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

5.3CVSS6.9AI score0.02417EPSS
Exploits0References1
CNVD
CNVD
added 2021/02/10 12:0 a.m.9 views

Adobe Magento Cross-Site Scripting Vulnerability (CNVD-2021-13917)

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

8.1CVSS6.2AI score0.05629EPSS
Exploits0References1
CNVD
CNVD
added 2021/02/10 12:0 a.m.19 views

Adobe Magento File Upload Limit Bypass Vulnerability

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

9.1CVSS7.5AI score0.04213EPSS
Exploits1References1
CNVD
CNVD
added 2021/02/10 12:0 a.m.8 views

Adobe Magento Command Injection Vulnerability

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

9.1CVSS7.8AI score0.04114EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.9 views

Adobe Magento 代码问题漏洞

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

9.1CVSS7.5AI score0.04213EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.7 views

Adobe Magento 操作系统命令注入漏洞

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

9.1CVSS7.5AI score0.04114EPSS
Exploits0References4
CNVD
CNVD
added 2021/02/02 12:0 a.m.8 views

CMSWing SQL Injection Vulnerability (CNVD-2021-09500)

CMSWing is a ThinkJS-based e-commerce platform and CMS builder. CMSWing 1.3.8 suffers from a SQL injection vulnerability. The vulnerability stems from the updateAction function not checking the detail parameter. An attacker can exploit this vulnerability to execute arbitrary SQL commands via...

9.8CVSS8.3AI score0.01355EPSS
Exploits1References1
CNVD
CNVD
added 2021/01/14 12:0 a.m.5 views

HCL Commerce Information Disclosure Vulnerability

HCL Commerce is a software platform framework for e-commerce from HCL India. The software includes marketing, sales, customer and order processing functions in a customizable and integrated package. It is a unified platform that provides the ability to conduct business directly with consumers, wi...

7.5CVSS6.4AI score0.01311EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/09/17 12:0 a.m.6 views

The vulnerability of the sub-component of the Dynamo Application Framework within the component of the Oracle Commerce Platform of the e-commerce platform Oracle Commerce allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the sub-component of the Dynamo Application Framework within the Oracle Commerce Platform of the e-commerce platform Oracle Commerce exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to remotely access and modify,...

5CVSS6.5AI score0.01048EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2020/07/29 9:22 p.m.251 views

Critical Magento Flaws Allow Code Execution

Critical flaws in Adobe’s Magento e-commerce platform – which is commonly targeted by attackers like the Magecart cybergang – could enable arbitrary code execution on affected systems. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. Adobe on Tuesda...

8.5CVSS1.5AI score0.26869EPSS
Exploits1References11
CNVD
CNVD
added 2020/07/27 12:0 a.m.4 views

SQL Injection Vulnerability in CMSWing of Xi'an Huashang Software Technology Co.

CMSWING is a ThinkJS-based e-commerce platform and CMS builder. Xi'an Huashang Software Technology Co., Ltd CMSWing suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2020/07/24 12:0 a.m.2 views

Ltd. cross-border e-commerce integrated platform has SQL injection vulnerability

Ltd. was founded in 2013 as an information technology service provider. Ltd. cross-border e-commerce integrated platform suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.6AI score
Exploits0
Rows per page
Query Builder