PT-2025-27001 · Unknown · Linlinjava Litemall

Name of the Vulnerable Software and Affected Versions: linlinjava litemall version 1.8.0 Description: A problematic issue was found in the software, affecting an unknown function of the file /wx/comment/post. The manipulation of the adminComment argument leads to improper authorization, allowing...

CVE-2024-6452

A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file AdminGoodscontroller.java. The manipulation of the argument goodsId/goodsSn/name leads to sql injection. The attack can be launched remotely...

CVE-2024-24323

SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a remote attacker to obtain sensitive information via the nickname, consignee, orderSN, orderStatusArray parameters of the AdminOrdercontroller.java component...

CVE-2024-46382

A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminOrderController.java...

CVE-2024-46382

A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminOrderController.java...

CVE-2024-46382

A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminOrderController.java...

CVE-2024-46382

CVE-2024-46382 describes a SQL injection in linlinjava’s Litemall 1.8.0. The vulnerability affects the AdminGoodsController.java parameters goodsId, goodsSn, and name, enabling a remote attacker to exfiltrate sensitive information. The root cause is a missing/insufficient input sanitization or pa...

CVE-2024-6452

A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file AdminGoodscontroller.java. The manipulation of the argument goodsId/goodsSn/name leads to sql injection. The attack can be launched remotely...

CVE-2024-6452 linlinjava litemall AdminGoodscontroller.java sql injection

A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file AdminGoodscontroller.java. The manipulation of the argument goodsId/goodsSn/name leads to sql injection. The attack can be launched remotely...

CVE-2024-24323

SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a remote attacker to obtain sensitive information via the nickname, consignee, orderSN, orderStatusArray parameters of the AdminOrdercontroller.java component...

PT-2024-20358 · Linlinjava · Litemall

Name of the Vulnerable Software and Affected Versions: linlinjava litemall version 1.8.0 Description: The issue allows a remote attacker to obtain sensitive information via the nickname, consignee, orderSN, orderStatusArray parameters of the AdminOrdercontroller.java component. This is a SQL...

CVE-2024-24323

CVE-2024-24323 is a SQL injection vulnerability affecting linlinjava litemall v.1.8.0. The issue arises in AdminOrdercontroller.java where the nickname, consignee, orderSN, and orderStatusArray parameters can be exploited by an attacker to access sensitive information. Multiple sources (NVD, Red ...

CVE-2024-24323

SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a remote attacker to obtain sensitive information via the nickname, consignee, orderSN, orderStatusArray parameters of the AdminOrdercontroller.java component...