shopwind 漏洞與 CVE 列表(7)

產品(CPE): — CVE 數: 7

shopwind 漏洞概覽

彙總 shopwind 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

已披露問題常與 跨站腳本、路徑處理缺陷與SQL 注入 相關,可能在 生產負載與軟體部署 場景中帶來 工作階段劫持與資料外洩 等暴露風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 177 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2024-1705 A vulnerability was found in Shopwind up to 4.6. It has been rated as critical. This issue affects the function actionCreate of the file /public/install/controllers/DefaultController.php of the component Installation. The manipulation leads to code injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-254393 was assigned to this vulner [email protected] 5.6 0.59% 2024-02-21 2026-06-17
CVE-2022-43321 Shopwind v3.4.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the component /common/library/Page.php. [email protected] 6.1 0.41% 2022-11-09 2026-06-17
CVE-2022-30453 ShopWind <= 3.4.2 has a RCE vulnerability in Database.php [email protected] 9.8 14.47% 2022-05-11 2026-06-17
CVE-2022-30452 ShopWind <= v3.4.2 has a Sql injection vulnerability in Database.php [email protected] 7.2 0.95% 2022-05-11 2026-06-17
CVE-2022-30059 Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php. [email protected] 6.5 1.10% 2022-05-11 2026-06-17
CVE-2022-30058 Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php. [email protected] 5.3 1.08% 2022-05-11 2026-06-17
CVE-2022-30057 Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability. [email protected] 5.4 0.47% 2022-05-11 2026-06-17
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence