Vulnerabilities > Geeeeeeeek

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2024-50651 Authorization Bypass Through User-Controlled Key vulnerability in Geeeeeeeek Java Shop 1.0
java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
network
low complexity
geeeeeeeek CWE-639
6.5
2024-11-15 CVE-2024-50652 Unrestricted Upload of File with Dangerous Type vulnerability in Geeeeeeeek Java Shop 1.0
A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function.
network
low complexity
geeeeeeeek CWE-434
4.3
2024-08-29 CVE-2024-8302 SQL Injection vulnerability in Geeeeeeeek Dingfanzu
A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c.
network
low complexity
geeeeeeeek CWE-89
critical
9.8