| CVE-2025-12919 |
low |
3.7 |
3.7 |
|
|
|
7mo ago |
EverShop is vulnerable to Unauthorized Order Information Access (IDOR) |
| CVE-2025-67419 |
unknown |
— |
— |
|
|
|
5mo ago |
evershop allows unauthenticated attackers to exhaust application server's resources via "GET /images" API |
| CVE-2025-67427 |
unknown |
— |
— |
|
|
|
5mo ago |
evershop allows unauthenticated attackers to force server to initiate HTTP request via "GET /images" API |
| CVE-2023-46942 |
unknown |
— |
— |
|
|
|
2y ago |
EverShop vulnerable to improper authorization in GraphQL endpoints |
| CVE-2023-46943 |
unknown |
— |
— |
|
|
|
2y ago |
EverShop at risk to unauthorized access via weak HMAC secret |
| CVE-2023-46498 |
unknown |
— |
— |
|
|
|
3y ago |
Code execution in evershop |
| CVE-2023-46493 |
unknown |
— |
— |
|
|
|
3y ago |
Directory Traversal in evershop |
| CVE-2023-46499 |
unknown |
— |
— |
|
|
|
3y ago |
Cross-site Scripting in evershop |
| CVE-2023-46494 |
unknown |
— |
— |
|
|
|
3y ago |
Cross Site Scripting in evershop |
| CVE-2023-46495 |
unknown |
— |
— |
|
|
|
3y ago |
Cross-site Scripting in evershop |
| CVE-2023-46496 |
unknown |
— |
— |
|
|
|
3y ago |
Directory Traversal in evershop |
| CVE-2023-46497 |
unknown |
— |
— |
|
|
|
3y ago |
Directory Traversal in evershop |
