16 matches found
CVE-2020-23362
Insecure Permissons vulnerability found in ShopCMS YerShop all versions allows a remote attacker to escalate privileges via the coverid parameter...
CVE-2020-23362
Insecure Permissons vulnerability found in ShopCMS YerShop all versions allows a remote attacker to escalate privileges via the coverid parameter...
Design/Logic Flaw
Insecure Permissons vulnerability found in ShopCMS YerShop all versions allows a remote attacker to escalate privileges via the coverid parameter...
PT-2023-11647 · Unknown · Shop Cms Yershop
Name of the Vulnerable Software and Affected Versions: Shop CMS YerShop versions all Description: The issue allows a remote attacker to escalate privileges via the cover id parameter. Recommendations: For all versions, consider restricting access to the cover id parameter to minimize the risk of...
CVE-2020-23362
Insecure Permissons vulnerability found in ShopCMS YerShop all versions allows a remote attacker to escalate privileges via the coverid parameter...
CVE-2020-23362
CVE-2020-23362 affects Shop CMS YerShop (all versions). Affected component is the insecure permissions around the cover_id parameter that allows a remote attacker to escalate privileges. The vulnerability is described with a CVSS v3.1 base score of 7.1 (HIGH), with network attack vector, low atta...
CVE-2020-23362
Insecure Permissons vulnerability found in ShopCMS YerShop all versions allows a remote attacker to escalate privileges via the coverid parameter...
SQL injection vulnerability in yershop mall system
yershop mall system is based on onethink content management framework, thinkphp3.2.3 new version of the comprehensive mall system. There is a SQL injection vulnerability in yershop mall system. An attacker can exploit this vulnerability to gain server privileges...
Yershop Mall has a flawed logic vulnerability
Yershop online store management system is a mall system based on tp5.1 optimized version. Yershop Mall has a logic flaw vulnerability that can be exploited by an attacker to make unauthorized changes to any user name, resulting in the user not being able to log in to their account...
File upload vulnerability in yershop
yershop open source online store system is a thinkphp5 based mall system , with a key to generate the controller , model , validator , template , general additions and deletions and other functions . yershop backend file upload vulnerability , attackers can exploit the vulnerability to obtain...
Code execution vulnerability in yershop
yershop open source online store system is a thinkphp5-based mall system with a key to generate controllers , models , validators , templates , general additions and deletions , and other functions. yershop code execution vulnerability exists in the background , an attacker can exploit the...
yershop open source online store system code execution vulnerabilities exist in the background
yershop open source online store system is a thinkphp5-based mall system with a key to generate controllers , models , validators , templates , general additions and deletions , and other functions. yershop open source online store system code execution vulnerabilities exist in the background , a...
Logic flaw vulnerability in yershop open source online store system (CNVD-2019-04592)
yershop open source online store system is a thinkphp5-based mall system with a key to generate controllers , models , validators , templates , general additions and deletions , and other functions. yershop open source online store system there is a logic flaw vulnerability , the vulnerability...
yershop 商城系统 Application/Home/Controller/ArticleController.class.php SQL注入
No description provided by source...
yershop商城系统 PublicController.class.php 参数username[0] SQL注入漏洞
No description provided by source...
yershop商城系统/index.php?s=/Home/account/savepaykey.html等30处 SQL注入漏洞
No description provided by source...