📦 Sparkshop

Name: Sparkshop
Author: Sparkshop

by Sparkshop

🔍 What is Sparkshop?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-50722

CRITICAL CVSS 9.8 Aug 25, 2025

This CVE describes an insecure permissions vulnerability in sparkshop v1.1.7 that allows remote attackers to execute arbitrary code via the Common.php component. This is a critical remote code executi...

CVE-2024-40425

CRITICAL CVSS 9.8 Jul 16, 2024

This CVE describes a critical file upload vulnerability in Sparkshop (Spark Mall B2C Mall) that allows remote attackers to upload malicious files and execute arbitrary code on affected systems. The vu...

CVE-2024-57685

MEDIUM CVSS 5.3 Feb 24, 2025

This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable versions of sparkshop by uploading a specially crafted PHAR file. Attackers can achieve remote code e...

CVE-2024-48107

MEDIUM CVSS 6.5 Oct 28, 2024

SparkShop versions up to 1.1.7 contain a server-side request forgery (SSRF) vulnerability that allows attackers to make the server send requests to internal network resources. This enables port scanni...