Filtered by vendor Sparkshop
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-48107 | 1 Sparkshop | 1 Sparkshop | 2025-04-18 | N/A | 6.5 MEDIUM |
| SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows attacks to scan ports on the Intranet or local network where the server resides, attack applications running on the Intranet or local network, or read metadata on the cloud server. | |||||
| CVE-2024-57685 | 1 Sparkshop | 1 Sparkshop | 2025-03-25 | N/A | 5.3 MEDIUM |
| An issue in sparkshop v.1.1.7 and before allows a remote attacker to execute arbitrary code via a crafted phar file. | |||||
| CVE-2024-46307 | 1 Sparkshop | 1 Sparkshop | 2024-10-15 | N/A | 7.5 HIGH |
| A loop hole in the payment logic of Sparkshop v1.16 allows attackers to arbitrarily modify the number of products. | |||||