| CVE-2025-12919 |
low |
3.7 |
3.7 |
7mo ago |
EverShop is vulnerable to Unauthorized Order Information Access (IDOR) |
|
| CVE-2025-67419 |
unknown |
— |
— |
5mo ago |
evershop allows unauthenticated attackers to exhaust application server's resources via "GET /images" API |
|
| CVE-2025-67427 |
unknown |
— |
— |
5mo ago |
evershop allows unauthenticated attackers to force server to initiate HTTP request via "GET /images" API |
|
| CVE-2023-46942 |
unknown |
— |
— |
2y ago |
EverShop vulnerable to improper authorization in GraphQL endpoints |
|
| CVE-2023-46943 |
unknown |
— |
— |
2y ago |
EverShop at risk to unauthorized access via weak HMAC secret |
|
| CVE-2023-46498 |
unknown |
— |
— |
3y ago |
Code execution in evershop |
|
| CVE-2023-46493 |
unknown |
— |
— |
3y ago |
Directory Traversal in evershop |
|
| CVE-2023-46499 |
unknown |
— |
— |
3y ago |
Cross-site Scripting in evershop |
|
| CVE-2023-46494 |
unknown |
— |
— |
3y ago |
Cross Site Scripting in evershop |
|
| CVE-2023-46495 |
unknown |
— |
— |
3y ago |
Cross-site Scripting in evershop |
|
| CVE-2023-46496 |
unknown |
— |
— |
3y ago |
Directory Traversal in evershop |
|
| CVE-2023-46497 |
unknown |
— |
— |
3y ago |
Directory Traversal in evershop |
|