Lucene search
K

4 matches found

NVD
NVD
added 2023/05/20 10:15 a.m.22 views

CVE-2023-2712

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server. This issue affects Rental Module: before 23.05.15...

9.8CVSS9.6AI score0.01344EPSS
Exploits0References2
Prion
Prion
added 2023/05/20 10:15 a.m.12 views

Authorization

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15...

7.5CVSS9.5AI score0.00765EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/20 9:49 a.m.25 views

CVE-2023-2712 Malicious File Upload vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform.

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server. This issue affects Rental Module: before 23.05.15...

9.8CVSS9.7AI score0.01344EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/05/20 12:0 a.m.4 views

Ideasoft E-commerce Platform 安全漏洞

Ideasoft E-commerce Platform is an open source e-commerce platform from Ideasoft. A security vulnerability exists in Ideasoft E-commerce Platform versions prior to 23.05, which stems from a vulnerability in Rental Module that allows an attacker to bypass authorization via a controlled user key...

9.8CVSS8.3AI score0.00765EPSS
Exploits0References2
Rows per page
Query Builder