TrustStackSecurity/Advisories

Releases0

VULNERABILITY DISCLOSURE PROCESS

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-52337 ↗	Aug 19, 2025Tuesday, 19 August 2025, 20:15	6.5 MEDIUM	—
An authenticated arbitrary file upload vulnerability in the Content Explorer feature of LogicData eCommerce Framework v5.0.9.7000 allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2025-52338 ↗	Aug 19, 2025Tuesday, 19 August 2025, 19:15	5.3 MEDIUM	—
An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a bruteforce attack.