Online Store Management System

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-2944 HIGH POC This Week

Remote code execution in Tosei Online Store Management System 1.01 allows unauthenticated attackers to execute arbitrary OS commands through the DevId parameter in /cgi-bin/monitor.php. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. The attack requires no user interaction and is exploitable over the network.

PHP Command Injection Online Store Management System
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.3%
CVE-2026-1192 HIGH POC This Week

Online Store Management System versions up to 1.01 contains a vulnerability that allows attackers to command injection (CVSS 7.3).

PHP Command Injection Online Store Management System
NVD VulDB
CVSS 3.1
7.3
EPSS
2.5%
CVE-2026-2944
EPSS 0% CVSS 7.3
HIGH POC This Week

Remote code execution in Tosei Online Store Management System 1.01 allows unauthenticated attackers to execute arbitrary OS commands through the DevId parameter in /cgi-bin/monitor.php. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. The attack requires no user interaction and is exploitable over the network.

PHP Command Injection Online Store Management System
NVD GitHub VulDB
CVE-2026-1192
EPSS 3% CVSS 7.3
HIGH POC This Week

Online Store Management System versions up to 1.01 contains a vulnerability that allows attackers to command injection (CVSS 7.3).

PHP Command Injection Online Store Management System
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy