193 matches found
Newbee-mall Cross-Site Scripting Vulnerability
newbee-mall is an e-commerce system. A cross-site scripting vulnerability exists in newbee-mall 1.0, where a user only needs to write an xss payload in the address information when purchasing a product, and the vulnerability is triggered when viewing the "View Recipient Information" of the order ...
File Upload Vulnerability in Laiku Push E-commerce System (CNVD-2021-01290)
Laike Push www.laiketui.com is a mall system and mall website construction provider for enterprise-level businesses to provide retail mall, B2B2C multi-user mall system, community group-buying mall system, micro letter distribution system, small program mall, micro distribution system and other...
File upload vulnerability in ShopXO open source e-commerce system (CNVD-2020-73468)
ShopXO is an open source enterprise-level open source e-commerce system. ShopXO open source e-commerce system has a file upload vulnerability that can be exploited by an attacker to upload malicious files and obtain server control privileges...
S-CMS e-commerce system backend has SQL injection vulnerability
S-CMS e-commerce system is an e-commerce software. A SQL injection vulnerability exists in the backend of S-CMS e-commerce system. An attacker can exploit the vulnerability to obtain sensitive information from the database...
Arbitrary file read vulnerability in S-CMS backend (CNVD-2020-57394)
S-CMS Government Station Building System, S-CMS School Station Building System, S-CMS News Portal System and S-CMS Enterprise Station Building System are developed by Zibo Shining Network Technology Co., Ltd. which is specialized in providing solutions for government station building.S-CMS Hospit...
SQL Injection Vulnerability in 5vshop E-commerce System of Shijiazhuang Zhenhong Network Technology Co.
5vshop belongs to Shijiazhuang Zhenghong Network Technology Co., Ltd, since 2004 has been committed to the enterprise Internet application of related services, engaged in enterprise, personal e-commerce website construction; e-commerce project planning, creativity, operation, to provide a...
5vshop e-commerce system has a logic flaw vulnerability
5vshop e-commerce system is shijiazhuang zhenghong network technology limited company a station building system. 5vshop e-commerce system has a logic flaw vulnerability, attackers can use this vulnerability to arbitrarily modify the payment amount, resulting in economic losses...
S-CMS e-commerce system aj***.php suffers from SQL injection vulnerability
S-CMS e-commerce system is developed by php+mysql, the website is easy and fast to install. Search engine is more easy to crawl and index , provide more features to improve user-friendly experience . S-CMS e-commerce system aj.php SQL injection vulnerability, attackers can use the vulnerability t...
Adobe Magento Security Mitigation Bypass Vulnerability (CNVD-2021-20289)
Adobe Magento is the United States of America Odobie Adobe company's set of open source PHP e-commerce system . The system provides rights management , search engines and payment gateways and other functions . A security mitigation bypass vulnerability exists in Adobe Magento, which can be...
EC-CUBE Path Traversal Vulnerability
EC-CUBE is Japan's EC-CUBE company's set of open source e-commerce system . A path traversal vulnerability exists in EC-CUBE versions 3.0.0 through 3.0.18 and 4.0.0 through 4.0.3. An attacker could exploit this vulnerability to delete arbitrary files or paths on the server...
5vshop e-commerce system suffers from SQL injection vulnerability
5vshop e-commerce system is an enterprise-level open source e-commerce system. 5vshop e-commerce system suffers from SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database...
E-Commerce System 1.0 - Unauthenticated Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: E-Commerce System 1.0 - Unauthenticated Remote Code Execution Exploit Author: SunCSR Sun Cyber Security Research - ThienNV Vendor Homepage: https://www.sourcecodester.com/php/13524/e-commerce-system-using-phpmysqli.html Software...
E-Commerce System 1.0 - Unauthenticated Remote Code Execution
Exploit Title: E-Commerce System 1.0 - Unauthenticated Remote Code Execution Exploit Author: SunCSR Sun Cyber Security Research - ThienNV Date: 2020-05-14 Vendor Homepage: https://www.sourcecodester.com/php/13524/e-commerce-system-using-phpmysqli.html Software Link:...
SQL Injection Vulnerability in Laike Push E-commerce System of Hunan One Eight Network Technology Co. Ltd (CNVD-2020-25107)
Laikatsu Push e-commerce system is a platform that integrates all the functions of an e-commerce system. Hunan One Eight Network Technology Co., Ltd Laike Push e-commerce system has a SQL injection vulnerability, which can be exploited by an attacker to obtain sensitive information from the...
SQL Injection Vulnerability in Laikepui E-commerce System of Hunan One Eight Network Technology Co. Ltd (CNVD-2020-25312)
Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. There is a SQL injection vulnerability in the Laike Push e-commerce system of Hunan One Eight Network Technology Co. Ltd, which can be exploited by an attacker to obtain...
SQL injection vulnerability in in***.cl***.php page of the background of e-commerce system of Hunan One Eight Network Technology Co.
Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. Hunan One Eight Network Technology Co., Ltd. Laike Push e-commerce system background in.cl.php page there is a SQL injection vulnerability, the attacker can use the loophole t...
SQL Injection Vulnerability in ECShop Website of Shanghai ShangPai Network Technology Co.
Founded in 2002, Shanghai Shangpai Network Technology Co., Ltd. is a professional e-commerce system and service provider in China. A SQL injection vulnerability exists in the ECShop website of Shanghai ShangPai Network Technology Co. Ltd, which can be exploited by attackers to obtain sensitive...
File Upload Vulnerability in LaiKe Full Scene E-commerce System
LaiKe full-scene e-commerce system is a WeChat applet e-commerce platform front and back end open source PHP , including distribution , group , lottery , red packets , nine-grid game and other functions , the entire system architecture is very simple , suitable for small teams or individual...
File Upload Vulnerability in Laike E-commerce System (CNVD-2020-13871)
Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. A file upload vulnerability exists in the Laike E-commerce system, which can be exploited by attackers to gain control of the web server...
SQL Injection Vulnerability in the Frontend of Dascommerce Mall System
Big Business Mall System is a business creation network based on ten years of reconstruction of the e-commerce architecture, to create a set of operators, suppliers, purchasers, users, distribution, etc., in the PC and mobile devices are compatible with the operation of a complete set of offline ...