
CVSS: 6.4 | EPSS: 0% | CPEs: 1 | EXPL: 0

23 Jun 2025 — Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within the frontend shop. Anyone can create a customer account and easily exploit these. Successful exploitation results in disclosure of the PII of other customers and the deletion of their reviews of products on the website. To be specific, an attacker could view the order details of any order by browsing to /en/account/orders/_ORDER_ID_ or use the address and billing information of other customers by manipulating the... • https://github.com/innocommerce/innoshop • CWE-425: Direct Request ('Forced Browsing')

CVSS: 7.4 | EPSS: 0% | CPEs: 1 | EXPL: 0

23 Jun 2025 — Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated attacker with access to the admin panel could abuse this to: (1) fully map the filesystem structure via the /api/file_manager/files?base_folder= endpoint, (2) create arbitrary directories on the server via the /api/file_manager/directories endpoint, (3) read arbitrary files from the server by copying the file to a readable location within the application via the /api/file_manager/copy_files endpoint, (4) delete... • https://github.com/innocommerce/innoshop • CWE-23: Relative Path Traversal

CVSS: 9.9 | EPSS: 0% | CPEs: 1 | EXPL: 0

23 Jun 2025 — In Innoshop through 0.4.1, an authenticated attacker could exploit the File Manager functions in the admin panel to achieve code execution on the server, by uploading a crafted file and then renaming it to have a .php extension by using the Rename Function. This bypasses the initial check that uploaded files are image files. The application relies on frontend checks to restrict the administrator from changing the extension of uploaded files to .php. This restriction is easily bypassed with any proxy tool (e... • https://github.com/innocommerce/innoshop • CWE-420: Unprotected Alternate Channel