Filtered by vendor Phpshe
Subscribe
Search
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-18020 | 1 Phpshe | 1 Mall System | 2021-05-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" component. | |||||
| CVE-2020-19165 | 1 Phpshe | 1 Phpshe | 2020-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter. | |||||
| CVE-2019-9762 | 1 Phpshe | 1 Phpshe | 2019-03-14 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication. | |||||
| CVE-2019-9626 | 1 Phpshe | 1 Phpshe | 2019-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to index.php. | |||||
| CVE-2018-18486 | 1 Phpshe | 1 Phpshe | 2018-12-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter. | |||||
| CVE-2018-8943 | 1 Phpshe | 1 Phpshe | 2018-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| There is a SQL injection in the PHPSHE 1.6 userbank parameter. | |||||