8 matches found
CVE-2025-8128
CVE-2025-8128 affects zhousg letao. A vulnerability in the product route handling allows manipulation of an upload parameter (pictrdtz) leading to unrestricted file uploads. Exploit remote, disclosed publicly; but exact affected versions are not specified in the provided materials. Some sources n...
CVE-2025-8128 zhousg letao product.js unrestricted upload
A vulnerability, which was classified as critical, has been found in zhousg letao up to 7d8df0386a65228476290949e0413de48f7fbe98. This issue affects some unknown processing of the file routes\bf\product.js. The manipulation of the argument pictrdtz leads to unrestricted upload. The attack may be...
CVE-2025-8128 zhousg letao product.js unrestricted upload
A vulnerability, which was classified as critical, has been found in zhousg letao up to 7d8df0386a65228476290949e0413de48f7fbe98. This issue affects some unknown processing of the file routes\bf\product.js. The manipulation of the argument pictrdtz leads to unrestricted upload. The attack may be...
PT-2025-30725 · Unknown · Zhousg Letao
Name of the Vulnerable Software and Affected Versions: zhousg letao affected versions not specified Description: A critical vulnerability exists in zhousg letao due to unrestricted file upload. The issue stems from improper processing of file routesbfproduct.js, specifically through manipulation ...
letao 代码问题漏洞
letao is a shoe mall by ShuGang Zhou, an individual developer. A code issue vulnerability exists in letao, which stems from the incorrect operation of the parameter pictrdtz in the file routesfproduct.js, resulting in unlimited uploads...
www2.letao-cn.com Cross Site Scripting vulnerability OBB-1329250
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
www2.letao-cn.com Cross Site Scripting vulnerability OBB-1317433
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
www2.letao-cn.com Cross Site Scripting vulnerability OBB-1306446
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...