Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MStore API – Create Native Android & iOS Apps On The Cloud — Vulnerabilities & Security Advisories 21

All 21 CVE vulnerabilities found in MStore API – Create Native Android & iOS Apps On The Cloud, with AI-generated Chinese analysis, references, and POCs.

Vendor: inspireui

CVE IDTitleCVSSSeverityPublished
CVE-2026-3568 MStore API <= 4.18.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Meta Update CWE-639 4.3 Medium2026-04-09
CVE-2025-4683 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.17.5 - Missing Authorization to Authenticated (Subscriber+) Posts Creation CWE-862 4.3 Medium2025-05-27
CVE-2025-3438 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.17.4 - Unauthenticated Limited Privilege Escalation CWE-269 6.5 Medium2025-05-02
CVE-2024-12042 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.16.4 - Authenticated (Subscriber+) HTML File Upload (Stored Cross-Site Scripting) CWE-434 5.4 Medium2024-12-13
CVE-2024-11179 MStore API <= 4.15.7 - Authenticated (Subscriber+) SQL Injection CWE-89 6.5 Medium2024-11-20
CVE-2024-8242 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.3 - Authenticated (Subscriber+) Limited Arbitrary File Upload CWE-434 4.3 Medium2024-09-13
CVE-2024-8269 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.3 - Unauthorized User Registration CWE-284 7.3 High2024-09-13
CVE-2024-7628 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.2 - Authentication Bypass to Account Takeover CWE-288 8.1 High2024-08-15
CVE-2024-6328 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.14.7 - Authentication Bypass CWE-288 9.8 Critical2024-07-12
CVE-2023-3277 MStore API <= 4.10.7 - Unauthorized Account Access and Privilege Escalation CWE-288 9.8 Critical2023-11-03
CVE-2023-3202 MStore API <= 3.9.6 - Cross-Site Request Forgery to Firebase Server Key Update CWE-352 4.3 Medium2023-07-12
CVE-2023-3199 MStore API <= 3.9.6 - Cross-Site Request Forgery to Order Title Update CWE-352 4.3 Medium2023-07-12
CVE-2023-3197 MStore API <= 4.0.1 - Unauthenticated SQL Injection CWE-89 9.8 Critical2023-06-24
CVE-2023-3198 MStore API <= 3.9.6 - Cross-Site Request Forgery to Order Status Update CWE-352 4.3 Medium2023-06-14
CVE-2023-3201 MStore API <= 3.9.6 - Cross-Site Request Forgery to Order Title Update CWE-352 4.3 Medium2023-06-14
CVE-2023-3200 MStore API <= 3.9.6 - Cross-Site Request Forgery to Order Message Update CWE-352 4.3 Medium2023-06-14
CVE-2023-3203 MStore API <= 3.9.6 - Cross-Site Request Forgery to Product Limit Update CWE-352 4.3 Medium2023-06-14
CVE-2020-36713 MStore API <= 2.1.5 - Authentication Bypass CWE-288 9.8 Critical2023-06-07
CVE-2023-2732 MStore API <= 3.9.2 - Authentication Bypass CWE-288 9.8 Critical2023-05-25
CVE-2023-2733 MStore API <= 3.9.0 - Authentication Bypass CWE-288 9.8 Critical2023-05-25
CVE-2023-2734 MStore API <= 3.9.1 - Authentication Bypass CWE-288 9.8 Critical2023-05-25

All 21 known CVE vulnerabilities affecting MStore API – Create Native Android & iOS Apps On The Cloud with full Chinese analysis, references, and POCs where available.