CVE-2024-1705 Shopwind Installation DefaultController.php actionCreate code injection

A vulnerability was found in Shopwind up to 4.6. It has been rated as critical. This issue affects the function actionCreate of the file /public/install/controllers/DefaultController.php of the component Installation. The manipulation leads to code injection. The attack may be initiated remotely...

CVE-2024-1705 Shopwind Installation DefaultController.php actionCreate code injection

A vulnerability was found in Shopwind up to 4.6. It has been rated as critical. This issue affects the function actionCreate of the file /public/install/controllers/DefaultController.php of the component Installation. The manipulation leads to code injection. The attack may be initiated remotely...

CVE-2024-1705

CVE-2024-1705 affects Shopwind up to version 4.6. The vulnerability is in the Installation component, specifically the actionCreate function of /public/install/controllers/DefaultController.php, allowing code injection. Impact is remote execution with high severity; exploitation is reported as kn...

ShopWind Security Breach

ShopWind is a B2B2C, O2O industry e-commerce system software based on the Yii2.0 framework deeply reconstructed by China ShopWind. You can easily create and publish your own brand of professional e-commerce platform for a full range of branding and product promotion. ShopWind 4.6 and previous...

SQL Injection Vulnerability in IBOS Enterprise Collaboration Management Software DefaultController.php Page

IBOS Enterprise Collaboration Management Software is a PHP-based collaborative office management system. A SQL injection vulnerability exists in the DefaultController.php page of IBOS Enterprise Collaboration Management Software. An attacker is allowed to exploit the vulnerability to obtain...