12 matches found
Malicious Package
Overview @aftersale/react-eva is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-29026
Malicious code in bioql PyPI...
CVE-2025-10291
A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...
CVE-2025-10291
A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...
CVE-2025-10291 linlinjava litemall cancel WxAftersaleController improper authorization
A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...
CVE-2025-10291
Affects linlinjava litemall up to 1.8.0. The vulnerability resides in WxAftersaleController at /wx/aftersale/cancel, where manipulating the ID argument can cause improper authorization. Exploitation can be performed remotely, and public exploits exist. Multiple sources confirm the issue and note ...
CVE-2025-10291 linlinjava litemall cancel WxAftersaleController improper authorization
A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...
CVE-2025-10291 linlinjava litemall cancel WxAftersaleController improper authorization
A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...
PT-2025-37288
Name of the Vulnerable Software and Affected Versions: linlinjava litemall versions up to 1.8.0 Description: A weakness exists in linlinjava litemall up to version 1.8.0. The issue affects the WxAftersaleController function within the /wx/aftersale/cancel file. Manipulation of the ID argument can...
litemall 授权问题漏洞
litemall is a small mall system for linlinjava individual developers. An authorization issue vulnerability exists in litemall 1.8.0 and earlier versions, which stems from incorrect manipulation of the parameter ID of the function WxAftersaleController in the file /wx/aftersale/cancel, which could...
Malicious code in @aftersale/react-eva (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-754 Malicious code in @aftersale/react-eva (npm)
--- -= Per source details. Do not edit below this line.=-...