Shopxo Security Vulnerabilities and Issues — Shopxo CVE List

Lucene search

ShopxoShopxo

4 matches found

CVE•added 2022/05/02 2:15 p.m.•76 views

CVE-2022-28056

ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php.

9.8CVSS9.5AI score0.00411EPSS

CVE•added 2022/05/19 2:15 p.m.•75 views

CVE-2021-41938

An issue was discovered in ShopXO CMS 2.2.0. After entering the management page, there is an arbitrary file upload vulnerability in three locations.

7.2CVSS7AI score0.00358EPSS

CVE•added 2022/03/20 10:15 p.m.•52 views

CVE-2020-26007

An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

7.8CVSS7.9AI score0.00296EPSS

CVE•added 2022/03/20 10:15 p.m.•42 views

CVE-2020-26008

The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted PHP file.

7.8CVSS7.9AI score0.00296EPSS