Browse all 6 CVE security advisories affecting shopizer-ecommerce. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Shopizer-ecommerce is an open-source e-commerce platform designed for online retailers to build and manage digital storefronts. Historically, it has been susceptible to multiple security vulnerabilities including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with six CVEs documented to date. These vulnerabilities often stem from improper input validation and authentication flaws. While no major public security incidents have been widely reported, the platform's vulnerability history suggests a need for rigorous security hardening and regular updates. Organizations implementing Shopizer should prioritize security assessments and apply patches promptly to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-23063 | Shopizer - Insufficient Session Expiration — ShopizerCWE-613 | 8.8 | High | 2022-05-03 |
| CVE-2022-23061 | Shopizer - IDOR delete superadmin — ShopizerCWE-639 | 6.5 | Medium | 2022-05-01 |
| CVE-2022-23060 | Shopizer - Stored XSS in Manage Files — ShopizerCWE-79 | 4.8 | Medium | 2022-05-01 |
| CVE-2022-23059 | Shopizer - Stored XSS in Manage Images — ShopizerCWE-79 | 4.8 | Medium | 2022-03-29 |
| CVE-2020-11006 | Potential remote code execution in Shopizer — shopizer | 9.1 | Critical | 2020-05-08 |
| CVE-2020-11007 | Negative charge in shopping cart possible in Shopizer — shopizerCWE-20 | 6.5 | Medium | 2020-04-16 |
This page lists every published CVE security advisory associated with shopizer-ecommerce. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.