
5 matches found

Veracode
added 2022/10/24 2:11 a.m., 20 views

Authorization Bypass

NopCommerce.Core is vulnerable to authorization bypass. The vulnerability is due to the AddressEdit function in CustomerController.cs not properly removing redundant address endpoint parameters, allowing a malicious user to modify the addresses of other users on the site...

CVSS 7.5 | AI score 7.2 | EPSS 0.00201
Exploits: 0 | References: 5 | Affected Software: 1
Veracode
added 2022/10/21 10:32 a.m., 23 views

Open Redirect

nopcommerce.core is susceptible to open redirect attacks. A remote attacker is able to conduct phishing attacks by redirecting users to attacker-controlled web sites via the improper use of the returnUrl parameter in multiple files...

CVSS 6.1 | AI score 6.3 | EPSS 0.00282
Exploits: 1 | References: 4 | Affected Software: 1
Veracode
added 2022/05/04 6:15 a.m., 25 views

Directory Traversal

NopCommerce.Core is vulnerable to path traversal. An attacker can access files outside the expected directory by sending the wrong values through the POST request for the FileName parameter in the BackupAction function of CommonController.cs...

CVSS 7.5 | AI score 4.5 | EPSS 0.00652
Exploits: 0 | References: 3 | Affected Software: 1
Veracode
added 2022/04/27 10:52 a.m., 29 views

Cross-site Scripting (XSS)

nopcommerce.core is vulnerable to cross-site scripting (XSS) attacks. The library does not properly sanitize the Text parameter in forums when creating a new post, which allows an attacker to inject and execute malicious JavaScript in the victim's browser...

CVSS 5.4 | AI score 2.8 | EPSS 0.00154
Exploits: 1 | References: 2 | Affected Software: 1
Veracode
added 2022/04/27 4:1 a.m., 25 views

Unrestricted File Upload

NopCommerce.Core is vulnerable to unrestricted file upload. The vulnerability exists because the UploadAvatar function of CustomerController.cs does not properly check the file type before uploading the file, allowing an attacker to perform arbitrary file uploads...

CVSS 6.1 | AI score 3.4 | EPSS 0.0024
Exploits: 1 | References: 3 | Affected Software: 1