Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Newbee-mall ProjectNewbee-mall

3 matches found

CVE
CVEadded 2022/04/10 9:15 p.m.65 views

CVE-2022-27477

Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload via the Upload function at /admin/goods/edit.

9.8CVSS9.5AI score0.00344EPSS
CVE
CVEadded 2019/11/18 5:15 p.m.64 views

CVE-2019-19113

main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection.

9.8CVSS9.6AI score0.00642EPSS
CVE
CVEadded 2021/01/26 6:15 p.m.28 views

CVE-2020-23448

newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code AdminLoginInterceptor, which can be bypassed.

9.8CVSS9.6AI score0.00398EPSS