Skip to main content

Leadshop

2 CVEs product

Monthly

CVE-2024-0739 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization PHP Leadshop
NVD VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-4136 CRITICAL POC PATCH Act Now

Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure PHP Leadshop
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization PHP Leadshop
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure PHP Leadshop
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy