CVE-2026-2850 yeqifu warehouse Customer Endpoint CustomerController.java deleteCustomer access control

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\CustomerController.java of the component Customer Endpoint...

GHSA-5MMR-9QX3-3PF9 Code execution in evershop

An issue in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information and execute arbitrary code via the /deleteCustomer/route.json file...

CVE-2023-46498

An issue in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information and execute arbitrary code via the /deleteCustomer/route.json file...

CVE-2023-46498

An issue in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information and execute arbitrary code via the /deleteCustomer/route.json file...

EverShop Security Breach

EverShop is EverShop open source a NodeJS e-commerce platform. A security vulnerability exists in EverShop versions prior to v.1.0.0-rc.8. A remote attacker can use this vulnerability to obtain sensitive information and execute arbitrary code via the /deleteCustomer/route.json file...

PT-2023-30058 · Npm · Evershop

Name of the Vulnerable Software and Affected Versions: EverShop NPM versions prior to 1.0.0-rc.8 Description: An issue in EverShop NPM allows a remote attacker to obtain sensitive information and execute arbitrary code via the "/deleteCustomer/route.json" API endpoint. The deleteCustomer route is...