Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Bagisto has SSTI in parameter that can lead to RCE
Vulnerability Description
Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template injection via type parameter, which can lead to remote code execution or another exploitation. Version 2.3.10 fixes the issue.
CVSS Information
N/A
Vulnerability Type
CWE-1336
Vulnerability Title
Webkul Software Bagisto 安全漏洞
Vulnerability Description
Webkul Software Bagisto是印度Webkul Software公司的一套开源的电子商务框架。 Webkul Software Bagisto 2.3.10之前版本存在安全漏洞,该漏洞源于服务器端模板注入,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A