69 matches found
CVE-2025-8764
A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-8764
A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-8764
A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-8764 linlinjava litemall upload unrestricted upload
A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-8764 linlinjava litemall upload unrestricted upload
A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-8764
CVE-2025-8764 affects linlinjava litemall up to version 1.8.0. The vulnerability is in the Upload function of /wx/storage/upload, where manipulating the File argument leads to unrestricted file upload. It can be exploited remotely and exploit details have been disclosed publicly. Remediation per ...
CVE-2025-8753
A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be...
CVE-2025-8753
A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be...
CVE-2025-8753 linlinjava litemall File delete path traversal
A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be...
CVE-2025-8753
CVE-2025-8753 affects linlinjava litemall up to version 1.8.0. The vulnerability resides in the File Handler’s delete function at /admin/storage/delete, where manipulation of the key parameter enables path traversal. The issue can be exploited remotely and the public exploit is disclosed. Affecte...
CVE-2025-8753 linlinjava litemall File delete path traversal
A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be...
PT-2025-32451 · Linlinjava · Litemall
Name of the Vulnerable Software and Affected Versions: linlinjava litemall versions prior to 1.8.1 Description: A critical issue exists in linlinjava litemall up to version 1.8.0. The Upload function within the /wx/storage/upload file is susceptible to unrestricted file upload due to manipulation...
CVE-2025-6702
A vulnerability, which was classified as problematic, was found in linlinjava litemall 1.8.0. Affected is an unknown function of the file /wx/comment/post. The manipulation of the argument adminComment leads to improper authorization. It is possible to launch the attack remotely. The exploit has...
CVE-2025-6702 linlinjava litemall post improper authorization
A vulnerability, which was classified as problematic, was found in linlinjava litemall 1.8.0. Affected is an unknown function of the file /wx/comment/post. The manipulation of the argument adminComment leads to improper authorization. It is possible to launch the attack remotely. The exploit has...
CVE-2025-6702 linlinjava litemall post improper authorization
A vulnerability, which was classified as problematic, was found in linlinjava litemall 1.8.0. Affected is an unknown function of the file /wx/comment/post. The manipulation of the argument adminComment leads to improper authorization. It is possible to launch the attack remotely. The exploit has...
CVE-2025-6702
CVE-2025-6702 affects linlinjava litemall 1.8.0. Affected is an unknown function in the file /wx/comment/post where manipulating the adminComment parameter leads to improper authorization. Attacker can exploit remotely, and the exploit has been disclosed publicly. The vendor was contacted early b...
PT-2025-27001 · Unknown · Linlinjava Litemall
Name of the Vulnerable Software and Affected Versions: linlinjava litemall version 1.8.0 Description: A problematic issue was found in the software, affecting an unknown function of the file /wx/comment/post. The manipulation of the adminComment argument leads to improper authorization, allowing...
CVE-2024-6452
A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file AdminGoodscontroller.java. The manipulation of the argument goodsId/goodsSn/name leads to sql injection. The attack can be launched remotely...
CVE-2024-24323
SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a remote attacker to obtain sensitive information via the nickname, consignee, orderSN, orderStatusArray parameters of the AdminOrdercontroller.java component...
CVE-2024-46382
A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminOrderController.java...