Filtered by vendor Geeeeeeeek
Subscriptions
Filtered by product Java Shop
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-50651 | 1 Geeeeeeeek | 1 Java Shop | 2024-11-27 | 6.5 Medium |
java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter. | ||||
CVE-2024-50652 | 1 Geeeeeeeek | 1 Java Shop | 2024-11-22 | 6.3 Medium |
A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function. |
Page 1 of 1.