Lucene search
+L

4 matches found

osv
osv
added 2025/03/03 1:15 a.m.5 views

CVE-2025-1843

A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20250211. This issue affects the function select of the file com/xq/tmall/dao/ProductMapper.java. The manipulation of the argument orderBy leads to sql injection. The attack may be initiated remotely. The exploi...

9.8CVSS5.6AI score0.00501EPSS
Exploits1References4
cvelist
cvelist
added 2025/03/03 1:0 a.m.29 views

CVE-2025-1843 Mini-Tmall ProductMapper.java select sql injection

A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20250211. This issue affects the function select of the file com/xq/tmall/dao/ProductMapper.java. The manipulation of the argument orderBy leads to sql injection. The attack may be initiated remotely. The exploi...

6.5CVSS0.00501EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2025/03/03 1:0 a.m.9 views

CVE-2025-1843 Mini-Tmall ProductMapper.java select sql injection

A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20250211. This issue affects the function select of the file com/xq/tmall/dao/ProductMapper.java. The manipulation of the argument orderBy leads to sql injection. The attack may be initiated remotely. The exploi...

6.5CVSS6.8AI score0.00501EPSS
Exploits1References4
cve
cve
added 2025/03/03 1:0 a.m.59 views

CVE-2025-1843

CVE-2025-1843 affects Mini-Tmall up to 20250211. The issue lies in the file com/xq/tmall/dao/ProductMapper.java, in the select function where manipulating the argument orderBy enables an SQL injection. The vulnerability can be triggered remotely, and the exploit has been disclosed publicly. Multi...

9.8CVSS6.8AI score0.00501EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder