shopxo

shopxo copied to clipboard

carr0t2

`$temp_file[0]` would make it more concise

Hk-tang

[注册 form 页面](https://github.com/gongfuxiang/shopxo/blob/master/app/index/view/default/user/reg_info.html#L72)跟[js](https://github.com/gongfuxiang/shopxo/blob/master/public/static/common/js/common.js#L270)获取属性流程根本走不下去，原因是 form 表单中没有`editor-tag`的属性，希望作者可以重视并修复 @gongfuxiang

phpxianyu

nginx端口8443 php版本 7.2.24 ``` * @author Devil * @blog http://gong.gg/ * @version 0.0.1 * @datetime 2016-12-03T21:58:54+0800 * @param [string] $url [url地址] * @param [string] $data [发送参数] */ function FsockopenPost($url, $data...

0987363

Affects version `shopxo 2.2.0` After entering the management page as admininstrator there is an arbitrary file upload vulnerability in 3 locations , you can upload webshell into the site. ##...

br4nd0nsu3

bug：v2.2.0订单提交后报错：商品信息为空

1

2.2.0 从github安装后，购买商品时，选择商品规格报错： 商品id有误。订单提交后报错：商品信息为空

guojiahuiEmily

bug: 退款时选择了理由后立即提示：请选择退款理由

1

bug: 退款时选择了理由后立即提示：请选择退款理由

guojiahuiEmily

Can I ask you according to GitHub recommendation create create a SECURITY.md file to someone like me report security vulnerabilities in a confidential communicational channel ?

am0o0

Hey there! I'd like to report a security issue but cannot find contact instructions on your repository. If not a hassle, might you kindly add a `SECURITY.md` file with an...

zidingz

unrestricted file upload vulnerability

1

You previously fixed one vulnerability of the theme file upload .   But now there is a similar vulnerability in `/app/admin/appmini.php`,because you didn't use the above method.  ...

P0wfuu