CVE-2024-0739

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...

PT-2022-25826 · Unknown · Qmpass/Leadshop

Name of the Vulnerable Software and Affected Versions: qmpass/leadshop version 1.4.15 Description: The issue allows an attacker to control the target host by calling any function in leadshop.php via the GET method, potentially leading to remote code execution RCE. This can enable an attacker to...