Vulnerabilities > Shopbeat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-30 | CVE-2022-36243 | Path Traversal vulnerability in Shopbeat Shop Beat Media Player 2.5.95 Shop Beat Solutions (pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. | 5.3 |
| 2023-05-30 | CVE-2022-36244 | Cross-site Scripting vulnerability in Shopbeat Shop Beat Media Player 2.5.95 Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting (XSS) vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za. | 5.4 |
| 2023-05-30 | CVE-2022-36246 | Unspecified vulnerability in Shopbeat Shop Beat Media Player 2.5.95 Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions. | 9.8 |
| 2023-05-30 | CVE-2022-36247 | Authorization Bypass Through User-Controlled Key vulnerability in Shopbeat Shop Beat Media Player 2.5.95 Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za. | 9.1 |
| 2023-05-30 | CVE-2022-36249 | Missing Authentication for Critical Function vulnerability in Shopbeat Shop Beat Media Player 2.5.95 Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. | 5.4 |
| 2023-05-30 | CVE-2022-36250 | Cross-Site Request Forgery (CSRF) vulnerability in Shopbeat Shop Beat Media Player 2.5.95 Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery (CSRF). | 8.8 |