Lucene search
K

12 matches found

Snyk
Snyk
added 2026/01/28 4:33 p.m.3 views

Malicious Package

Overview @aftersale/react-eva is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29026

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00313EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/14 6:15 a.m.33 views

CVE-2025-10291

A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...

6.5CVSS6.3AI score0.00313EPSS
Exploits0References1
NVD
NVD
added 2025/09/12 6:15 a.m.9 views

CVE-2025-10291

A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...

8.8CVSS0.00313EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/12 5:32 a.m.14 views

CVE-2025-10291 linlinjava litemall cancel WxAftersaleController improper authorization

A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...

6.5CVSS0.00313EPSS
Exploits0References4
CVE
CVE
added 2025/09/12 5:32 a.m.18 views

CVE-2025-10291

Affects linlinjava litemall up to 1.8.0. The vulnerability resides in WxAftersaleController at /wx/aftersale/cancel, where manipulating the ID argument can cause improper authorization. Exploitation can be performed remotely, and public exploits exist. Multiple sources confirm the issue and note ...

8.8CVSS6.3AI score0.00313EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/09/12 5:32 a.m.1 views

CVE-2025-10291 linlinjava litemall cancel WxAftersaleController improper authorization

A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...

5.3CVSS6.3AI score0.00313EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/09/12 5:32 a.m.5 views

CVE-2025-10291 linlinjava litemall cancel WxAftersaleController improper authorization

A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made availab...

6.5CVSS6.3AI score0.00313EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.10 views

PT-2025-37288

Name of the Vulnerable Software and Affected Versions: linlinjava litemall versions up to 1.8.0 Description: A weakness exists in linlinjava litemall up to version 1.8.0. The issue affects the WxAftersaleController function within the /wx/aftersale/cancel file. Manipulation of the ID argument can...

6.5CVSS6.1AI score0.00313EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.5 views

litemall 授权问题漏洞

litemall is a small mall system for linlinjava individual developers. An authorization issue vulnerability exists in litemall 1.8.0 and earlier versions, which stems from incorrect manipulation of the parameter ID of the function WxAftersaleController in the file /wx/aftersale/cancel, which could...

8.8CVSS6.3AI score0.00313EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 4:40 p.m.4 views

Malicious code in @aftersale/react-eva (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/02/03 4:40 p.m.2 views

MAL-2025-754 Malicious code in @aftersale/react-eva (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Rows per page
Query Builder