Geeeeeeeek Java_shop
2 CVEs affecting Geeeeeeeek Java_shop. Latest disclosed: 2024-11-15. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-50651 | Medium | 6.5 | 2024-11-15 | java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID… |
CVE-2024-50652 | Medium | 4.3 | 2024-11-15 | A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function. |