55 matches found
CVE-2023-4445
A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20230811. Affected by this issue is some unknown functionality of the file product/1/1?test=1&test2=2&. The manipulation of the argument orderBy leads to sql injection. The attack may be launched remotely. The...
CVE-2023-4445
A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20230811. Affected by this issue is some unknown functionality of the file product/1/1?test=1&test2=2&. The manipulation of the argument orderBy leads to sql injection. The attack may be launched remotely. The...
Sql injection
A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20230811. Affected by this issue is some unknown functionality of the file product/1/1?test=1&test2=2&. The manipulation of the argument orderBy leads to sql injection. The attack may be launched remotely. The...
CVE-2023-4445
CVE-2023-4445 impacts Mini-Tmall up to 20230811. A vulnerability in the function/file path product/1/1?test=1&test2=2& allows SQL injection via manipulation of the orderBy argument. The issue can be exploited remotely; exploitation details are disclosed publicly. A patch/version that fixes this i...
CVE-2023-4445 Mini-Tmall sql injection
A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20230811. Affected by this issue is some unknown functionality of the file product/1/1?test=1&test2=2&. The manipulation of the argument orderBy leads to sql injection. The attack may be launched remotely. The...
PT-2023-29243 · Unknown · Mini-Tmall
Name of the Vulnerable Software and Affected Versions: Mini-Tmall versions up to 20230811 Description: A critical issue has been found, affecting some unknown functionality of the file product/1/1?test=1&test2=2&, allowing for SQL injection through the manipulation of the orderBy argument. This...
Mini-Tmall SQL注入漏洞
Mini-Tmall is a Spring Boot-based mini-Tmall mall, fast deployment runtime, suitable for use as a Bijou template. Mini-Tmall suffers from a SQL injection vulnerability, which stems from the fact that incorrect manipulation of the parameter orderBy can lead to sql injection...
CVE-2022-30929
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper...
CVE-2022-30929
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper...
CVE-2022-30929
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper...
Design/Logic Flaw
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper...
CVE-2022-30929
CVE-2022-30929 affects Mini-Tmall v1.0 and is described as vulnerable to insecure permissions via the Tomcat Jasper embedding component (tomcat-embed-jasper). Several connected sources reiterate an insecure privilege/permission issue, including Red Hat and CNNVD entries, which label it as an inse...
CVE-2022-30929
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper...
Mini-Tmall 安全漏洞
Mini-Tmall is a Spring Boot-based mini-Tmall mall , fast deployment run , suitable for use as a Bijou template . A security vulnerability exists in Mini-Tmall v1.0. An attacker exploits the vulnerability to perform an insecure privilege attack via tomcat-embed-jasper...
SQL Injection Vulnerability in Mini-Tmall Framework Front and Backend
Mini Tmall Mini Tmall is a Spring Boot-based integrated B2C e-commerce platform, the requirements of the design of the main reference Tmall shopping process: users start from registration, to complete the login, browse the products, add a shopping cart, place an order, confirm receipt, evaluation...