Niushop: >> Niushop Security Vulnerabilities
In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords.
CVSS Score
4.9
EPSS Score
0.002
Published
2020-09-30
Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-09-30
NIUSHOP V1.11 has XSS via the index.php?s=/admin URI.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-09-14
NIUSHOP V1.11 has CSRF via search_info to index.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-09-14