No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform

June 23, 2025

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform

Security researcher TheHiker disclosured three serious vulnerabilities in InnoShop, an open-source eCommerce system built on Laravel 12.
These issues—ranging from insecure direct object references (ID …

Published Date:
Jun 24, 2025 (58 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleFrom Bypass to Root: Mandiant Red Team Exploits CVE-2025-2171 and CVE-2025-2172 in Aviatrix Cloud Controller

Next Article CVE-2025-5777 – Critical Citrix NetScaler Vulnerability

Highlights

CVE-2025-48782 – Soar Cloud HRD File Upload Command Execution Vulnerability

June 6, 2025

CVE ID : CVE-2025-48782

Published : June 6, 2025, 10:15 a.m. | 1 hour, 34 minutes ago

Description : An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

pxtone collab is a sample-based music editor

April 27, 2025

CVE-2025-6087 – Cloudflare Open Next SSRF

June 16, 2025

Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals

May 2, 2025

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Windows 11 closing in on top spot as most used desktop OS

CVE-2025-20213 – Cisco Catalyst SD-WAN Manager Local File System Overwrite Vulnerability

Fueling Success Through Work-Life Balance and Self-Care

Shift Left Testing Principles: Catch Bugs Early, Deliver Faster

CVE-2025-48782 – Soar Cloud HRD File Upload Command Execution Vulnerability

pxtone collab is a sample-based music editor

CVE-2025-6087 – Cloudflare Open Next SSRF

Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform

Related Posts