VYPR

ShopXO

by ShopXO

CVEs (2)

  • CVE-2026-12204HigJun 15, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in ShopXO up to 6.7.1. This vulnerability affects the function OrderClose/OrderSuccess/PayLogOrderClose/GoodsGiveIntegral of the file app/api/controller/Crontab.php of the component Scheduled Task Endpoint. Executing a manipulation can lead to…

  • CVE-2006-1722Apr 11, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 allows remote attackers to inject arbitrary web script or HTML via the Suchstring1 (aka search) parameter.