Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
likeshop likeshop vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34949
SQL injection vulnerability in Likeshop prior to 2.5.7 allows malicious users to run abitrary SQL commands via the function OrderLogic::getOrderList function, exploited at the /admin/order/lists.html endpoint.
NA
CVE-2024-24028
Server Side Request Forgery (SSRF) vulnerability in Likeshop prior to 2.5.7 allows malicious users to view sensitive information via the avatar parameter in function UserLogic::updateWechatInfo.
NA
CVE-2024-24027
SQL Injection vulnerability in Likeshop prior to 2.5.7 allows malicious users to run abitrary SQL commands via the function DistributionMemberLogic::getFansLists.
9.8
CVSSv3
CVE-2024-0352
A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument...
Likeshop Likeshop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started