Lucene search
K

4 matches found

OSV
OSV
added 2026/02/27 5:18 a.m.5 views

CVE-2026-3287

A security flaw has been discovered in youlaitech youlai-mall 2.0.0. This affects the function listPagedSpuForApp of the file mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/controller/app/SpuController.java of the component App-side Product Pagination Endpoint. Performing a manipulation of t...

9.8CVSS5.6AI score0.0039EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/27 4:2 a.m.6 views

CVE-2026-3287 youlaitech youlai-mall App-side Product Pagination Endpoint SpuController.java listPagedSpuForApp sql injection

A security flaw has been discovered in youlaitech youlai-mall 2.0.0. This affects the function listPagedSpuForApp of the file mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/controller/app/SpuController.java of the component App-side Product Pagination Endpoint. Performing a manipulation of t...

6.5CVSS6.4AI score0.0039EPSS
Exploits1References4
CVE
CVE
added 2026/02/27 4:2 a.m.16 views

CVE-2026-3287

CVE-2026-3287 affects youlaitech youlai-mall 2.0.0, specifically the App-side Product Pagination Endpoint: SpuController.java, listPagedSpuForApp. The vulnerability arises from manipulating the sortField/sort parameters, enabling SQL injection. This is described as remotely exploitable with a pub...

9.8CVSS6.3AI score0.0039EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.8 views

youlai-mall SQL注入漏洞

Youlai-Mall is a full-stack e-commerce system developed by Youlaitech. Version 2.0.0 of Youlai-Mall has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter sortField/sort in the function listPagedSpuForApp located in the...

9.8CVSS6.6AI score0.0039EPSS
Exploits1References5
Rows per page
Query Builder