Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Jpshop Security Vulnerabilities

cve
cve

CVE-2024-1258

A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file api/config/params.php of the component API. The manipulation of the argument JWT_KEY_ADMIN leads to use of hard-coded cryptographic k...

5.9CVSS

5.8AI Score

0.001EPSS

2024-02-06 09:15 PM
41
cve
cve

CVE-2024-1259

A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/controllers/admin/app/AppController.php of the component API. The manipulation of the argument app_pic_url leads to unrestricted upload. The...

9.8CVSS

9.3AI Score

0.001EPSS

2024-02-06 09:15 PM
25
cve
cve

CVE-2024-1260

A vulnerability classified as critical has been found in Juanpao JPShop up to 1.5.02. This affects the function actionIndex of the file /api/controllers/admin/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to initi...

9.8CVSS

9.5AI Score

0.001EPSS

2024-02-06 10:16 PM
26
cve
cve

CVE-2024-1261

A vulnerability classified as critical was found in Juanpao JPShop up to 1.5.02. This vulnerability affects the function actionIndex of the file /api/controllers/merchant/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. The attack ...

9.8CVSS

9.4AI Score

0.001EPSS

2024-02-06 10:16 PM
29
cve
cve

CVE-2024-1262

A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02. This issue affects the function actionUpdate of the file /api/controllers/merchant/design/MaterialController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upl...

9.8CVSS

9.5AI Score

0.001EPSS

2024-02-06 11:15 PM
24
cve
cve

CVE-2024-1263

A vulnerability, which was classified as critical, was found in Juanpao JPShop up to 1.5.02. Affected is the function actionUpdate of the file /api/controllers/merchant/shop/PosterController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possi...

9.8CVSS

9.5AI Score

0.001EPSS

2024-02-06 11:15 PM
28
cve
cve

CVE-2024-1264

A vulnerability has been found in Juanpao JPShop up to 1.5.02 and classified as critical. Affected by this vulnerability is the function actionUpdate of the file /api/controllers/common/UploadsController.php. The manipulation of the argument imgage leads to unrestricted upload. The attack can be la...

9.8CVSS

9.5AI Score

0.001EPSS

2024-02-07 12:15 AM
21