Lucene search
K

193 matches found

CNVD
CNVD
added 2021/01/29 12:0 a.m.7 views

Newbee-mall Cross-Site Scripting Vulnerability

newbee-mall is an e-commerce system. A cross-site scripting vulnerability exists in newbee-mall 1.0, where a user only needs to write an xss payload in the address information when purchasing a product, and the vulnerability is triggered when viewing the "View Recipient Information" of the order ...

6.1CVSS6AI score0.0066EPSS
Exploits1References1
CNVD
CNVD
added 2020/12/29 12:0 a.m.3 views

File Upload Vulnerability in Laiku Push E-commerce System (CNVD-2021-01290)

Laike Push www.laiketui.com is a mall system and mall website construction provider for enterprise-level businesses to provide retail mall, B2B2C multi-user mall system, community group-buying mall system, micro letter distribution system, small program mall, micro distribution system and other...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/12/17 12:0 a.m.4 views

File upload vulnerability in ShopXO open source e-commerce system (CNVD-2020-73468)

ShopXO is an open source enterprise-level open source e-commerce system. ShopXO open source e-commerce system has a file upload vulnerability that can be exploited by an attacker to upload malicious files and obtain server control privileges...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/10/26 12:0 a.m.1 views

S-CMS e-commerce system backend has SQL injection vulnerability

S-CMS e-commerce system is an e-commerce software. A SQL injection vulnerability exists in the backend of S-CMS e-commerce system. An attacker can exploit the vulnerability to obtain sensitive information from the database...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/09/05 12:0 a.m.1 views

Arbitrary file read vulnerability in S-CMS backend (CNVD-2020-57394)

S-CMS Government Station Building System, S-CMS School Station Building System, S-CMS News Portal System and S-CMS Enterprise Station Building System are developed by Zibo Shining Network Technology Co., Ltd. which is specialized in providing solutions for government station building.S-CMS Hospit...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/07/23 12:0 a.m.1 views

SQL Injection Vulnerability in 5vshop E-commerce System of Shijiazhuang Zhenhong Network Technology Co.

5vshop belongs to Shijiazhuang Zhenghong Network Technology Co., Ltd, since 2004 has been committed to the enterprise Internet application of related services, engaged in enterprise, personal e-commerce website construction; e-commerce project planning, creativity, operation, to provide a...

7.8AI score
Exploits0
CNVD
CNVD
added 2020/07/22 12:0 a.m.1 views

5vshop e-commerce system has a logic flaw vulnerability

5vshop e-commerce system is shijiazhuang zhenghong network technology limited company a station building system. 5vshop e-commerce system has a logic flaw vulnerability, attackers can use this vulnerability to arbitrarily modify the payment amount, resulting in economic losses...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/07/07 12:0 a.m.2 views

S-CMS e-commerce system aj***.php suffers from SQL injection vulnerability

S-CMS e-commerce system is developed by php+mysql, the website is easy and fast to install. Search engine is more easy to crawl and index , provide more features to improve user-friendly experience . S-CMS e-commerce system aj.php SQL injection vulnerability, attackers can use the vulnerability t...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/06/28 12:0 a.m.7 views

Adobe Magento Security Mitigation Bypass Vulnerability (CNVD-2021-20289)

Adobe Magento is the United States of America Odobie Adobe company's set of open source PHP e-commerce system . The system provides rights management , search engines and payment gateways and other functions . A security mitigation bypass vulnerability exists in Adobe Magento, which can be...

10CVSS9.7AI score0.07397EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/19 12:0 a.m.7 views

EC-CUBE Path Traversal Vulnerability

EC-CUBE is Japan's EC-CUBE company's set of open source e-commerce system . A path traversal vulnerability exists in EC-CUBE versions 3.0.0 through 3.0.18 and 4.0.0 through 4.0.3. An attacker could exploit this vulnerability to delete arbitrary files or paths on the server...

8.1CVSS6.7AI score0.02059EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/27 12:0 a.m.1 views

5vshop e-commerce system suffers from SQL injection vulnerability

5vshop e-commerce system is an enterprise-level open source e-commerce system. 5vshop e-commerce system suffers from SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database...

7.7AI score
Exploits0
0day.today
0day.today
added 2020/05/14 12:0 a.m.31 views

E-Commerce System 1.0 - Unauthenticated Remote Code Execution Vulnerability

Exploit for php platform in category web applications Exploit Title: E-Commerce System 1.0 - Unauthenticated Remote Code Execution Exploit Author: SunCSR Sun Cyber Security Research - ThienNV Vendor Homepage: https://www.sourcecodester.com/php/13524/e-commerce-system-using-phpmysqli.html Software...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/14 12:0 a.m.784 views

E-Commerce System 1.0 - Unauthenticated Remote Code Execution

Exploit Title: E-Commerce System 1.0 - Unauthenticated Remote Code Execution Exploit Author: SunCSR Sun Cyber Security Research - ThienNV Date: 2020-05-14 Vendor Homepage: https://www.sourcecodester.com/php/13524/e-commerce-system-using-phpmysqli.html Software Link:...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/04/08 12:0 a.m.3 views

SQL Injection Vulnerability in Laike Push E-commerce System of Hunan One Eight Network Technology Co. Ltd (CNVD-2020-25107)

Laikatsu Push e-commerce system is a platform that integrates all the functions of an e-commerce system. Hunan One Eight Network Technology Co., Ltd Laike Push e-commerce system has a SQL injection vulnerability, which can be exploited by an attacker to obtain sensitive information from the...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/04/07 12:0 a.m.2 views

SQL Injection Vulnerability in Laikepui E-commerce System of Hunan One Eight Network Technology Co. Ltd (CNVD-2020-25312)

Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. There is a SQL injection vulnerability in the Laike Push e-commerce system of Hunan One Eight Network Technology Co. Ltd, which can be exploited by an attacker to obtain...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/04/07 12:0 a.m.1 views

SQL injection vulnerability in in***.cl***.php page of the background of e-commerce system of Hunan One Eight Network Technology Co.

Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. Hunan One Eight Network Technology Co., Ltd. Laike Push e-commerce system background in.cl.php page there is a SQL injection vulnerability, the attacker can use the loophole t...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/03/17 12:0 a.m.1 views

SQL Injection Vulnerability in ECShop Website of Shanghai ShangPai Network Technology Co.

Founded in 2002, Shanghai Shangpai Network Technology Co., Ltd. is a professional e-commerce system and service provider in China. A SQL injection vulnerability exists in the ECShop website of Shanghai ShangPai Network Technology Co. Ltd, which can be exploited by attackers to obtain sensitive...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/03/04 12:0 a.m.3 views

File Upload Vulnerability in LaiKe Full Scene E-commerce System

LaiKe full-scene e-commerce system is a WeChat applet e-commerce platform front and back end open source PHP , including distribution , group , lottery , red packets , nine-grid game and other functions , the entire system architecture is very simple , suitable for small teams or individual...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/01/03 12:0 a.m.2 views

File Upload Vulnerability in Laike E-commerce System (CNVD-2020-13871)

Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. A file upload vulnerability exists in the Laike E-commerce system, which can be exploited by attackers to gain control of the web server...

7.2AI score
Exploits0
CNVD
CNVD
added 2019/12/16 12:0 a.m.1 views

SQL Injection Vulnerability in the Frontend of Dascommerce Mall System

Big Business Mall System is a business creation network based on ten years of reconstruction of the e-commerce architecture, to create a set of operators, suppliers, purchasers, users, distribution, etc., in the PC and mobile devices are compatible with the operation of a complete set of offline ...

7.6AI score
Exploits0
Rows per page
Query Builder