Shodan
Vulnerabilities
Vulnerable Software
Nopcommerce:  >> Nopcommerce  Security Vulnerabilities
CVE-2019-19685
RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF because GET requests can be used for renames and deletions.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-12-09
CVE-2019-11519
Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE via the "Configurations -> Languages -> Edit Language -> Import Resources -> Upload XML file" screen.
CVSS Score
4.9
EPSS Score
0.003
Published
2019-04-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved