2 matches found
CVE-2025-12919
Summary: CVE-2025-12919 affects EverShop up to 2.0.1, specifically the function in /src/modules/oms/graphql/types/Order/Order.resolvers.js within the Order Handler. The vulnerability stems from manipulation of the uuid argument, causing improper control of resource identifiers and enabling a remo...
CVE-2025-12919 EverShop Order Order.resolvers.js resource injection
A vulnerability was detected in EverShop up to 2.0.1. Affected is an unknown function of the file /src/modules/oms/graphql/types/Order/Order.resolvers.js of the component Order Handler. The manipulation of the argument uuid results in improper control of resource identifiers. The attack may be...