Lucene search
+L

5 matches found

EUVD
EUVD
added 2026/02/08 9:32 a.m.12 views

EUVD-2026-5803

A security flaw has been discovered in guchengwuyue yshopmall up to 1.9.1. This affects the function updateAvatar of the file /api/users/updateAvatar of the component co.yixiang.utils.FileUtil. Performing a manipulation of the argument File results in unrestricted upload. The attack is possible t...

6.5CVSS6.1AI score0.00298EPSS
Exploits1References6
CVE
CVE
added 2026/02/08 9:32 a.m.25 views

CVE-2026-2146

The CVE-2026-2146 affects guchengwuyue yshopmall up to version 1.9.1. It targets the updateAvatar function in co.yixiang.utils.FileUtil, where manipulating the File argument enables unrestricted remote upload. An exploit has been publicly released; the project was informed of the issue but has no...

8.8CVSS6.2AI score0.00298EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.20 views

PT-2026-6973

Name of the Vulnerable Software and Affected Versions guchengwuyue yshopmall versions up to 1.9.1 Description A security flaw exists in guchengwuyue yshopmall up to version 1.9.1. The issue is related to unrestricted upload, stemming from manipulation of the File argument within the updateAvatar...

6.5CVSS5.3AI score0.00298EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/01/09 5:2 p.m.29 views

CVE-2025-15496 guchengwuyue yshopmall jobs getPage sql injection

A vulnerability was determined in guchengwuyue yshopmall up to 1.9.1. Affected is the function getPage of the file /api/jobs. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The project...

6.5CVSS0.00348EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.5 views

yshopmall SQL注入漏洞

yshopmall is a mall system by guchengwuyue individual developer. A SQL injection vulnerability exists in yshopmall 1.9.0 and earlier versions, which stems from a SQL injection issue...

7.2CVSS7.9AI score0.00408EPSS
Exploits1References3
Rows per page
Query Builder