CVE-2020-24220

HIGH

8.8

CVSS Severity Score

EPSS Score0.0340%

EPSS Percentile35.88th

PublishedAug 17, 2020

Last ModifiedNov 21, 2024

Vulnerability Description

ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server.

Affected Platforms (CPE)

📦

Shopxo

= 1.8.1

References & Advisories

🔗 https://www.cnvd.org.cn/flaw/show/CNVD-2020-42698

Related Vulnerabilities

CVE-2019-58869.8

An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in...

CVE-2021-278179.8

A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the s...

CVE-2020-197789.8

Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in "/index.php" by manipulating th...

CVE-2020-260077.8

An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code vi...