Every CVE whose affected-product data names Geeeeeeeek Java Shop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-50651 — CVSS 6.5 (medium): java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs…
CVE-2024-50652 — CVSS 4.3 (medium): A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function.