EUVD-2022-35272

Malicious code in bioql PyPI...

EUVD-2022-35273

Malicious code in bioql PyPI...

EUVD-2022-52338

Malicious code in bioql PyPI...

CVE-2024-1705

A vulnerability was found in Shopwind up to 4.6. It has been rated as critical. This issue affects the function actionCreate of the file /public/install/controllers/DefaultController.php of the component Installation. The manipulation leads to code injection. The attack may be initiated remotely...

CVE-2022-30059

Shopwind =v3.4.2 was discovered to contain a Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php...

CVE-2022-30057

Shopwind =v3.4.2 was discovered to contain a stored cross-site scripting XSS vulnerability...

ShopWind Security Breach

ShopWind is a B2B2C, O2O industry e-commerce system software based on the Yii2.0 framework deeply reconstructed by China ShopWind. You can easily create and publish your own brand of professional e-commerce platform for a full range of branding and product promotion. ShopWind 4.6 and previous...

PT-2022-26847 · Shopwind · Shopwind

Name of the Vulnerable Software and Affected Versions: Shopwind version 3.4.3 Description: The issue is related to a reflected cross-site scripting XSS vulnerability. This vulnerability was found in the /common/library/Page.php component. Recommendations: For Shopwind version 3.4.3, consider...

Arbitrary file deletion

Shopwind =v3.4.2 was discovered to contain a Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php...

CVE-2022-30452

ShopWind = v3.4.2 has a Sql injection vulnerability in Database.php...