Java Shop

java_shop

Vendor: Geeeeeeeek • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-50652 1Geeeeeeeek 1Java Shop Nov 22, 2024 Nov 15, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function.
CVE-2024-50651 1Geeeeeeeek 1Java Shop Nov 27, 2024 Nov 15, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.