4 matches found
CVE-2018-9919
A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because...
CVE-2018-9919
CVE-2018-9919 affects Tp-shop 2.0.5–2.0.8 with a web-accessible backdoor that enables SSRF and potential remote code execution. A backdoor in the file path "/vendor/phpdocumentor/reflection-docblock/tests/phpDocumentor/Reflection/DocBlock/Tag/LinkTagTeet.php" uses parameters bddlj (path), down_ur...
Tpshop 2.0.8 Arbitrary File Download / SSRF
Backdoor in Tpshop = 2.0.8 CVE-2018-9919 The Tpshop open source mall system is a multi-merchant mode mall system developed by Shenzhen Leopard Network Co., Ltd.This system is based on the Thinkphp development framework. Product Download: http://www.tp-shop.cn/Index/Index/download.html Vulnerabili...
Backdoor in Tpshop <= 2.0.8 (CVE-2018-9919)
Backdoor in Tpshop = 2.0.8 CVE-2018-9919 The Tpshop open source mall system is a multi-merchant mode mall system developed by Shenzhen Leopard Network Co., Ltd.This system is based on the Thinkphp development framework. Product Download: http://www.tp-shop.cn/Index/Index/download.html Vulnerabili...