CVE-2023-46498
08.12.2023, 20:15
An issue in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information and execute arbitrary code via the /deleteCustomer/route.json file.Enginsight
| Vendor | Product | Version |
|---|---|---|
| evershop | evershop | 1.0.0:beta |
| evershop | evershop | 1.0.0:beta1 |
| evershop | evershop | 1.0.0:beta2 |
| evershop | evershop | 1.0.0:beta3 |
| evershop | evershop | 1.0.0:beta4 |
| evershop | evershop | 1.0.0:beta5 |
| evershop | evershop | 1.0.0:rc1 |
| evershop | evershop | 1.0.0:rc2 |
| evershop | evershop | 1.0.0:rc3 |
| evershop | evershop | 1.0.0:rc5 |
| evershop | evershop | 1.0.0:rc6 |
| evershop | evershop | 1.0.0:rc7 |
𝑥
= Vulnerable software versions