CVE-2025-8222

A vulnerability, which was classified as problematic, has been found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999. Affected by this issue is some unknown functionality of the file GoodsController.java. The manipulation leads to cross site scripting. The...

CVE-2025-8222 jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java cross site scripting

A vulnerability, which was classified as problematic, has been found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999. Affected by this issue is some unknown functionality of the file GoodsController.java. The manipulation leads to cross site scripting. The...

CVE-2025-8222 jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java cross site scripting

A vulnerability, which was classified as problematic, has been found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999. Affected by this issue is some unknown functionality of the file GoodsController.java. The manipulation leads to cross site scripting. The...

JPACookieShop 代码注入漏洞

JPACookieShop is a cake mall platform software by Jerryshensjf individual developer. JPACookieShop has a code injection vulnerability that stems from the file GoodsController.java being vulnerable to cross-site scripting attacks...

CVE-2025-7939

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0. It has been classified as critical. Affected is the function addGoods of the file GoodsController.java. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely...

CVE-2025-7939

The CVE-2025-7939 entry concerns jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0. The issue is in the addGoods function of GoodsController.java, where input handling allows unrestricted file uploads. This allows remote exploitation as described across multiple sources (NVD, Red Hat, CVE list, PT Security...

CVE-2025-7938 jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java updateGoods authorization

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical. This issue affects the function updateGoods of the file GoodsController.java. The manipulation leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to th...

CVE-2025-7938

CVE-2025-7938 affects jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0, with a vulnerability in GoodsController.java.updateGoods that enables authorization bypass. Descriptions from connected sources confirm remote exploitability and public disclosure. Some feeds note no available fix information or patch...

JPACookieShop 安全漏洞

JPACookieShop is a cake mall platform software by Jerryshensjf individual developer. A security vulnerability exists in JPACookieShop version 1.0, which stems from an authorization bypass due to an incorrect operation of the function updateGoods in the file GoodsController.java...