Latest shopex ecshop Vulnerabilities

CVE-2024-1530
ECshop view_sendlist.php sql injection
Shopex Ecshop=4.1.8
CVE-2023-5294
A vulnerability has been found in ECshop 4.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/order.php. The manipulation of the argument goo...
Shopex Ecshop=4.1.1
CVE-2023-5293
A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Affected is an unknown function of the file /admin/leancloud.php. The manipulation of the argument id leads to sql injecti...
Shopex Ecshop=4.1.5
CVE-2023-39112
ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel.
Shopex Ecshop=4.1.16
CVE-2023-1185
ECshop New Product unrestricted upload
Shopex Ecshop<=4.1.8
<=4.1.8
CVE-2023-1184
ECshop Backup Database database.php unrestricted upload
Shopex Ecshop<=4.1.8
<=4.1.8
CVE-2023-0783
EcShop PHP File template.php unrestricted upload
Shopex Ecshop=4.1.5
=4.1.5
CVE-2021-41460
ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information.
Shopex Ecshop=4.1.0
CVE-2021-43679
ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api.php.
Shopex Ecshop=2.7.3
CVE-2020-20640
Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file,...
Shopex Ecshop=4.0
CVE-2020-22204
SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. .
Shopex Ecshop=2.7.6
CVE-2020-22206
SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php.
Shopex Ecshop=3.0
CVE-2020-22205
SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php.
Shopex Ecshop=3.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203