koyshe

7 exploits Active since Oct 2018
CVE-2020-18215 GITEE HIGH php
PHPSHE 1.7 - SQL Injection via ad_id, menu_id, or cashout_id Parameters
Multiple SQL Injection vulnerabilities in PHPSHE 1.7 in phpshe/admin.php via the (1) ad_id, (2) menu_id, and (3) cashout_id parameters, which could let a remote malicious user execute arbitrary code.
48 stars
CVSS 8.8
CVE-2020-18020 GITEE CRITICAL php
PHPSHE Mall System <1.7 - SQL Injection
SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" component.
48 stars
CVSS 9.8
CVE-2019-9762 GITEE CRITICAL php WRITEUP
PHPSHE 1.7 - Unauthenticated SQL Injection via Alipay Payment Plugin id Parameter
A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication.
48 stars
CVSS 9.8
CVE-2019-9761 GITEE HIGH php WRITEUP
PHPSHE 1.7 - Unauthenticated XML External Entity Injection via wechat_getxml
An XXE issue was discovered in PHPSHE 1.7, which can be used to read any file in the system or scan the internal network without authentication. This occurs because of the call to wechat_getxml in include/plugin/payment/wechat/notify_url.php.
48 stars
CVSS 7.5
CVE-2019-9626 GITEE CRITICAL php WRITEUP
PHPSHE 1.7 - SQL Injection via pintuan_id Parameter
PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to index.php.
48 stars
CVSS 9.8
CVE-2018-18486 GITEE CRITICAL php WRITEUP
PHPSHE 1.7 - SQL Injection via admin.php user_id[] Parameter
An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter.
48 stars
CVSS 9.8
CVE-2018-18485 GITEE HIGH php WRITEUP
PHPSHE 1.7 - Unauthenticated Path Traversal and Arbitrary File Deletion via dbname Parameter
An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to reload the product by deleting install.lock.
48 stars
CVSS 7.5