EUVD-2026-30716

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...

org.linlinjava:litemall-wx-api has an Injection issue

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in SQL injection. Remote...

CVE-2026-8771

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...

CVE-2026-8771 linlinjava litemall Front-end WeChat API WxGoodsController.java list sql injection

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...

CVE-2026-8771 linlinjava litemall Front-end WeChat API WxGoodsController.java list sql injection

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...

CVE-2026-8771

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...

JPACookieShop 代码问题漏洞

JPACookieShop is a cake mall platform software by Jerryshensjf individual developer. A code issue vulnerability exists in JPACookieShop version 1.0, which stems from an incorrect operation of the function addGoods in the file GoodsController.java resulting in unlimited uploads...

CVE-2025-0405

A vulnerability was found in liujianview gymxmjpa 1.0 and classified as critical. This issue affects the function GoodsDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/GoodsController.java. The manipulation of the argument goodsName leads to sql injection. The attack may be...

CVE-2024-6452

A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file AdminGoodscontroller.java. The manipulation of the argument goodsId/goodsSn/name leads to sql injection. The attack can be launched remotely...

PT-2024-37639 · Litemall · Litemall

Name of the Vulnerable Software and Affected Versions: litemall versions up to 1.8.0 Description: A critical issue was found in the AdminGoodscontroller.java file, where the manipulation of the goodsId, goodsSn, and name arguments leads to SQL injection. This issue can be exploited remotely...

Manage 跨站脚本漏洞

Manage is a simple login and registration system based on Vue-Cli and Thinkphp. A cross-site scripting vulnerability exists in manage, which stems from a cross-site scripting XSS vulnerability in Application/Home/Controller/GoodsController.class.php. The exit function will terminate the script an...

SQL Injection Vulnerability in iZhanCMS v2.1 GoodsController.php Page

Station CMS is an open source and free CMS content management system. iZhanCMS v2.1 SQL injection vulnerability exists in the GoodsController.php page, which can be exploited by attackers to obtain sensitive information from the database...

Ke361 Taoist Mall system GoodsController.class.php parameter id has SQL injection vulnerability

Ke361 is an open source Taobao system. A SQL injection vulnerability exists in the GoodsController.class.php parameter id of the Ke361 Taobao Mall system. Attackers can use to change the vulnerability to obtain database information...