Vulnerabilities > Niushop > Niushop > 1.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-30 | CVE-2020-19672 | Unrestricted Upload of File with Dangerous Type vulnerability in Niushop 1.11 Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell. | 7.5 |
2020-09-30 | CVE-2020-19670 | Missing Authentication for Critical Function vulnerability in Niushop 1.11 In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords. | 4.0 |
2019-09-14 | CVE-2019-16311 | Cross-Site Request Forgery (CSRF) vulnerability in Niushop 1.11 NIUSHOP V1.11 has CSRF via search_info to index.php. | 6.8 |
2019-09-14 | CVE-2019-16310 | Cross-site Scripting vulnerability in Niushop 1.11 NIUSHOP V1.11 has XSS via the index.php?s=/admin URI. | 3.5 |