CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2026/04/21 5:15 p.m.•0 views

GHSA-JVWG-PHXX-J3RP October CMS: Editor Sub-Permission Bypass for Asset and Blueprint File Operations

Fine-grained sub-permission checks for asset and blueprint file operations were not enforced in the CMS and Tailor editor extensions. This only affects backend users who were explicitly granted editor access but had editor.cmsassets or editor.tailorblueprints specifically withheld, an uncommon...

3.3CVSS5.7AI score0.00033EPSS

Exploits0References3

NVD•added 2023/08/04 5:15 p.m.•8 views

CVE-2023-39112

ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel...

6.5CVSS6.6AI score0.00079EPSS

Exploits1References2

Prion•added 2023/08/04 5:15 p.m.•13 views

Arbitrary file deletion

ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel...

4.7CVSS6.5AI score0.00079EPSS

Exploits1References2Affected Software1

CVE•added 2023/08/04 12:0 a.m.•47 views

CVE-2023-39112

ECShop v4.1.16 has an arbitrary file deletion vulnerability in the Admin Panel (CVE-2023-39112). Public sources confirm the affected product/version and impact on integrity and availability, with CVSS 3.1 metrics: I:H, A:H, C:N; no details on root cause in the provided documents. No exploitation ...

6.5CVSS6.5AI score0.00079EPSS

Exploits1References2Affected Software1