Lucene search
K

4 matches found

NVD
NVD
added 2018/05/02 9:29 p.m.29 views

CVE-2018-9919

A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because...

9.8CVSS9.4AI score0.04825EPSS
Exploits4References1
CVE
CVE
added 2018/05/02 9:0 p.m.56 views

CVE-2018-9919

CVE-2018-9919 affects Tp-shop 2.0.5–2.0.8 with a web-accessible backdoor that enables SSRF and potential remote code execution. A backdoor in the file path "/vendor/phpdocumentor/reflection-docblock/tests/phpDocumentor/Reflection/DocBlock/Tag/LinkTagTeet.php" uses parameters bddlj (path), down_ur...

9.8CVSS9.2AI score0.04825EPSS
Exploits4References1Affected Software1
Packet Storm
Packet Storm
added 2018/05/02 12:0 a.m.189 views

Tpshop 2.0.8 Arbitrary File Download / SSRF

Backdoor in Tpshop = 2.0.8 CVE-2018-9919 The Tpshop open source mall system is a multi-merchant mode mall system developed by Shenzhen Leopard Network Co., Ltd.This system is based on the Thinkphp development framework. Product Download: http://www.tp-shop.cn/Index/Index/download.html Vulnerabili...

9.7AI score0.04825EPSS
Exploits4
seebug.org
seebug.org
added 2018/05/02 12:0 a.m.89 views

Backdoor in Tpshop <= 2.0.8 (CVE-2018-9919)

Backdoor in Tpshop = 2.0.8 CVE-2018-9919 The Tpshop open source mall system is a multi-merchant mode mall system developed by Shenzhen Leopard Network Co., Ltd.This system is based on the Thinkphp development framework. Product Download: http://www.tp-shop.cn/Index/Index/download.html Vulnerabili...

7.5CVSS2AI score0.04825EPSS
Exploits4
Rows per page
Query Builder