Niushop B2b2c Multi-business — known CVE vulnerabilities
Every CVE whose affected-product data names Niushop B2b2c Multi-business, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-25247 — CVSS 9.8 (critical): SQL Injection vulnerability in /app/api/controller/Store.php in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via…
CVE-2024-25248 — CVSS 9.8 (critical): SQL Injection vulnerability in the orderGoodsDelivery() function in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via the…
CVE-2018-14570 — CVSS 8.8 (high): A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote…
CVE-2024-28559 — CVSS 8.8 (high): SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the setPrice() function of…
CVE-2024-0933 — CVSS 6.3 (medium): A vulnerability was found in Niushop B2B2C V5 and classified as critical. Affected by this issue is some unknown functionality of the file…
CVE-2024-28560 — CVSS 5.4 (medium): SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of…