16 matches found
CVE-2024-37621
StrongShop v1.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the component /shippingOptionConfig/index.blade.php...
CVE-2024-37619
StrongShop v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the specgroupid parameter at /spec/index.blade.php...
CVE-2024-37621
StrongShop v1.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the component /shippingOptionConfig/index.blade.php...
CVE-2024-37621
StrongShop v1.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the component /shippingOptionConfig/index.blade.php...
CVE-2024-37619
StrongShop v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the specgroupid parameter at /spec/index.blade.php...
CVE-2024-37619
StrongShop v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the specgroupid parameter at /spec/index.blade.php...
CVE-2024-37621
CVE-2024-37621 affects StrongShop v1.0, with a Server-Side Template Injection (SSTI) vulnerability in the component /shippingOptionConfig/index.blade.php. The connected sources explicitly identify the vulnerable element and software version, but do not provide any confirmed exploit details, affec...
PT-2024-27678 · Unknown · Strongshop
Name of the Vulnerable Software and Affected Versions: StrongShop version 1.0 Description: A Server-Side Template Injection SSTI issue was found in the /shippingOptionConfig/index.blade.php component. Recommendations: For StrongShop version 1.0, consider restricting access to the vulnerable...
CVE-2024-37619
CVE-2024-37619 affects StrongShop v1.0. A reflected cross-site scripting (XSS) vulnerability exists in the /spec/index.blade.php endpoint, exploitable via the parameter spec_group_id . The provided sources consistently describe a reflected XSS issue originating from that parameter, with no public...
CVE-2024-37621
StrongShop v1.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the component /shippingOptionConfig/index.blade.php...
PT-2024-27675 · Unknown · Strongshop
Name of the Vulnerable Software and Affected Versions: StrongShop version 1.0 Description: A reflected cross-site scripting XSS issue was found, which can be exploited via the spec group id parameter at the "/spec/index.blade.php" API endpoint. Recommendations: For StrongShop version 1.0, avoid...
StrongShop Cross-Site Scripting Vulnerability
StrongShop is a free and open source cross-border e-commerce mall website by StrongShop Open Source. A cross-site scripting vulnerability exists in StrongShop v1.0, which originates from a cross-site scripting vulnerability in the id parameter of /view/admin/view.php...
CVE-2024-37621
StrongShop v1.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the component /shippingOptionConfig/index.blade.php...
CVE-2024-37619
StrongShop v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the specgroupid parameter at /spec/index.blade.php...
CVE-2024-37619
StrongShop v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the specgroupid parameter at /spec/index.blade.php...
StrongShop Cross-Site Scripting Vulnerability
StrongShop is a free and open source cross-border e-commerce mall website by StrongShop Open Source. A cross-site scripting vulnerability exists in StrongShop v1.0, which originates from a cross-site scripting vulnerability in the specgroupid parameter on /spec/index.blade.php...