Filtered by vendor Geeeeeeeek Subscriptions
Filtered by product Java Shop Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-50651 1 Geeeeeeeek 1 Java Shop 2024-11-27 6.5 Medium
java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
CVE-2024-50652 1 Geeeeeeeek 1 Java Shop 2024-11-22 6.3 Medium
A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function.