Vulnerabilities > Evershop > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-13 CVE-2023-46943 Use of Hard-coded Credentials vulnerability in Evershop 1.0.0
An issue was discovered in NPM's package @evershop/evershop before version 1.0.0-rc.8.
network
low complexity
evershop CWE-798
critical
 9.1
9.1
2023-12-08 CVE-2023-46498 Unspecified vulnerability in Evershop 1.0.0
An issue in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information and execute arbitrary code via the /deleteCustomer/route.json file.
network
low complexity
evershop
critical
 9.8
9.8