CubeCart 安全漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities, which were caused by SQL injection attacks. These vulnerabilities could allow attackers to execute arbitrary SQL statements on the product side...

CubeCart 安全漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities. These vulnerabilities stemmed from OS command injection, which could allow users with administrative privileges to execute arbitrary OS commands...

Webkul Software Bagisto 安全漏洞

Webkul Software Bagisto is an open source e-commerce framework from Webkul Software India. A security vulnerability exists in Webkul Software Bagisto versions prior to 2.3.10, which stems from server-side template injection and could lead to remote code execution...

EUVD-2021-1994

Malware in sbrugna...

CRMEB 安全漏洞

CRMEB is a Java mall system of CRMEB open source. A security vulnerability exists in CRMEB 5.6 and earlier versions, which stems from an incorrect manipulation of the parameter cateid in the file /adminapi/product/product, which could lead to a SQL injection attack...

EUVD-2022-1352

Malicious code in bioql PyPI...

CVE-2024-40633

Sylius is an Open Source eCommerce Framework on Symfony. A security vulnerability was discovered in the /api/v2/shop/adjustments/id endpoint, which retrieves order adjustments based on incremental integer IDs. The vulnerability allows an attacker to enumerate valid adjustment IDs and retrieve ord...

ShopXO 安全漏洞

ShopXO is an open source enterprise-grade open source e-commerce system from ShopXO Inc. A security vulnerability exists in ShopXO v6.4.0, which stems from the presence of server-side request forgery and cross-site scripting in multiple locations...

Aimeos Security Breach

Aimeos is an open source e-commerce framework for online stores from Aimeos Open Source. A security vulnerability exists in Aimeos versions prior to 2022.10.17, 2023.10.17, and 2024.04, which stems from SaaS , marketplace settings are potentially vulnerable to denial of service attacks...

PrestaShop Chronopost Official Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts, and product image zoom, among other features. A security vulnerability exists in PrestaShop Chronopost Official. An attacker can exploit...

EC-CUBE Security Vulnerability

EC-CUBE is an open source e-commerce system from EC-CUBE Japan. A security vulnerability exists in EC-CUBE 3 series 3.0.0 to 3.0.18-p6 and 4 series 4.0.0 to 4.0.6-p3, 4.1.0 to 4.1.2-p2, and 4.2.0 to 4.2.2 releases, which is caused by an arbitrary code execution vulnerability due to improper...

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts, and product image scaling. PrestaShop has a security vulnerability that stems from not checking access rights...

Zhongbang CRMEB 代码问题漏洞

Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A code issue vulnerability exists in Zhongbang CRMEB versions prior to 4.6.0. An attacker could exploit this vulnerability to cause data deserialization...

ShopXO 代码问题漏洞

ShopXO is an open source enterprise-level open source e-commerce system. A security vulnerability exists in ShopXO version 2.2.0, which originates from an arbitrary file upload issue in three locations...

Advisto PEEL SHOPPING SQL注入漏洞

PEEL Shopping is a PHP/MySQL architecture of open source e-commerce system. 9.4.0.1 prior version of PEEL Shopping has a SQL injection vulnerability, which can be exploited by attackers to inject malicious SQL queries and obtain sensitive database information...

Adobe Magento 操作系统命令注入漏洞

Adobe Magento is Adobe's one with PHP written in open source e-commerce platform.Magento Community Edition is the community edition, later renamed Magento Open Source, Magento Enterprise Edition is the enterprise edition, later renamed Magento Magento Enterprise Edition is the enterprise edition,...

Vulnerability in Ecstore of Shanghai Shangpai Network Technology Co.

Ecstore is based on a new generation of "e-commerce solution-driven engine" ECOS development of enterprise-class open source online store system , the system is based on the PHP language and MYSQL database framework for the development of cross-platform open-source program . Ltd. Ecstore has an...

Adobe Magento Improper Authorization Vulnerability (CNVD-2020-57887)

Adobe Magento is the United States of America Odo than Adobe company's set of open source PHP e-commerce system. The system provides rights management , search engine and payment gateway and other functions.Magento Open Source is the open source version of Magento.Magento Commerce is the commerci...

Solidus Input Validation Error Vulnerability

Solidus is an open source e-commerce system. An input validation error vulnerability exists in Solidus versions prior to 2.8.6, prior to 2.9.6, and prior to 2.10.2. The vulnerability stems from a network system or product that does not properly validate incoming data. No detailed vulnerability...

Arbitrary Code Execution Vulnerability in Verydows Backend

Verydows is a completely free and open source e-commerce management system developed using PHP, featuring cross-platform, lightweight, high performance, high load and security stability. Verydows backend arbitrary code execution vulnerabilities, attackers can exploit the vulnerability to obtain...