Vulnerabilities > TP Shop > Tpshop
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-30 | CVE-2017-16614 | Server-Side Request Forgery (SSRF) vulnerability in Tp-Shop Tpshop 2.0.5/2.0.6 SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugins/payment/weixin/lib/WxPay.tedatac.php fBill parameter. | 7.5 |