vi3it0r/CMS

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-19670 ↗	Sep 30, 2020Wednesday, 30 September 2020, 18:15	4.9 MEDIUM	4 MEDIUM
In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords.
CVE-2020-19672 ↗	Sep 30, 2020Wednesday, 30 September 2020, 18:15	9.8 CRITICAL	7.5 HIGH
Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell.