Lucene search
+L

4 matches found

euvd
euvd
added 2025/11/09 9:30 p.m.7 views

EUVD-2025-38720

A vulnerability was detected in EverShop up to 2.0.1. Affected is an unknown function of the file /src/modules/oms/graphql/types/Order/Order.resolvers.js of the component Order Handler. The manipulation of the argument uuid results in improper control of resource identifiers. The attack may be...

6.3CVSS5.9AI score0.00453EPSS
Exploits1References6
osv
osv
added 2025/11/09 9:30 p.m.6 views

GHSA-C73G-MX2W-CC93 EverShop is vulnerable to Unauthorized Order Information Access (IDOR)

A vulnerability was detected in EverShop up to 2.0.1. Affected is an unknown function of the file /src/modules/oms/graphql/types/Order/Order.resolvers.js of the component Order Handler. The manipulation of the argument uuid results in improper control of resource identifiers. The attack may be...

6.3CVSS4.5AI score0.00453EPSS
Exploits1References7
cve
cve
added 2025/11/09 8:2 p.m.38 views

CVE-2025-12919

Summary: CVE-2025-12919 affects EverShop up to 2.0.1, specifically the function in /src/modules/oms/graphql/types/Order/Order.resolvers.js within the Order Handler. The vulnerability stems from manipulation of the uuid argument, causing improper control of resource identifiers and enabling a remo...

6.3CVSS6AI score0.00453EPSS
Exploits1References5Affected Software1
ptsecurity
ptsecurity
added 2025/11/09 12:0 a.m.7 views

PT-2025-45581

Name of the Vulnerable Software and Affected Versions EverShop versions up to 2.0.1 Description A flaw exists in EverShop related to improper control of resource identifiers. The issue is located in an unknown function within the /src/modules/oms/graphql/types/Order/Order.resolvers.js file of the...

6.3CVSS4.1AI score0.00453EPSS
Exploits1References13
Rows per page
Query Builder