Jpshop@* Security Vulnerabilities and Issues — Jpshop@* CVE List

Lucene search

JuanpaoJpshop*

7 matches found

CVE•added 2024/02/06 9:15 p.m.•95 views

CVE-2024-1258

A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file api/config/params.php of the component API. The manipulation of the argument JWT_KEY_ADMIN leads to use of hard-coded cryptographic k...

5.9CVSS5.8AI score0.00091EPSS

CVE•added 2024/02/06 10:16 p.m.•71 views

CVE-2024-1260

A vulnerability classified as critical has been found in Juanpao JPShop up to 1.5.02. This affects the function actionIndex of the file /api/controllers/admin/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to initi...

9.8CVSS9.5AI score0.00084EPSS

CVE•added 2024/02/06 10:16 p.m.•68 views

CVE-2024-1261

A vulnerability classified as critical was found in Juanpao JPShop up to 1.5.02. This vulnerability affects the function actionIndex of the file /api/controllers/merchant/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. The attack ...

9.8CVSS9.4AI score0.00077EPSS

CVE•added 2024/02/06 11:15 p.m.•67 views

CVE-2024-1263

A vulnerability, which was classified as critical, was found in Juanpao JPShop up to 1.5.02. Affected is the function actionUpdate of the file /api/controllers/merchant/shop/PosterController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possi...

9.8CVSS9.5AI score0.00077EPSS

CVE•added 2024/02/06 11:15 p.m.•65 views

CVE-2024-1262

A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02. This issue affects the function actionUpdate of the file /api/controllers/merchant/design/MaterialController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upl...

9.8CVSS9.5AI score0.00077EPSS

CVE•added 2024/02/07 12:15 a.m.•64 views

CVE-2024-1264

A vulnerability has been found in Juanpao JPShop up to 1.5.02 and classified as critical. Affected by this vulnerability is the function actionUpdate of the file /api/controllers/common/UploadsController.php. The manipulation of the argument imgage leads to unrestricted upload. The attack can be la...

9.8CVSS9.5AI score0.00077EPSS

CVE•added 2024/02/06 9:15 p.m.•63 views

CVE-2024-1259

A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/controllers/admin/app/AppController.php of the component API. The manipulation of the argument app_pic_url leads to unrestricted upload. The...

9.8CVSS9.3AI score0.00084EPSS