2 matches found
Command execution vulnerability in DBShop system (CNVD-2019-23860)
DBShop is an e-commerce system. A command execution vulnerability exists in the DBShop system that can be exploited by an attacker to gain server privileges...
SQL Injection Vulnerability in DBSHOP_0.9.3_Beta goodsSearchAction Function
DBShop is an open source e-commerce online store system developed using endFramework. DBSHOP0.9.3Beta goodsSearchAction function SQL injection vulnerability . After obtaining the parameters timesort, clicksort, pricesort, the key name and key value will be spliced into the sql statement to bring ...