Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/05/18 12:0 a.m.46 views

CVE-2026-8773 linlinjava litemall Database Setting DbUtil.java load argument injection

A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file litemall-db/src/main/java/org/linlinjava/litemall/db/util/DbUtil.java of the component Database Setting Handler. The manipulation of the argument...

5.8CVSS0.00244EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/15 12:32 a.m.4 views

CVE-2025-8991 linlinjava litemall Business Logic express logic error

A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemallexpressfreightmin leads to business logic errors. The...

5.3CVSS7.1AI score0.00299EPSS
Exploits1References5
CVE
CVE
added 2025/08/15 12:32 a.m.31 views

CVE-2025-8991

CVE-2025-8991 affects linlinjava litemall versions up to 1.8.0. The vulnerability resides in the Business Logic Handler’s /admin/config/express, where manipulating the litemall_express_freight_min parameter triggers business logic errors. The issue is exploitable remotely and publicized. PT-2025-...

5.3CVSS7.1AI score0.00299EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/08/14 6:15 p.m.4 views

CVE-2025-8974

A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component JSON Web Token Handler. The manipulation of the argument SECRET with th...

9.8CVSS6.5AI score
Exploits0References5
Cvelist
Cvelist
added 2025/08/14 6:2 p.m.23 views

CVE-2025-8974 linlinjava litemall JSON Web Token JwtHelper.java hard-coded credentials

A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component JSON Web Token Handler. The manipulation of the argument SECRET with th...

6.3CVSS0.00488EPSS
Exploits1References5
NVD
NVD
added 2025/08/14 4:15 p.m.18 views

CVE-2025-8965

A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to...

8.8CVSS0.00337EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

litemall 安全漏洞

litemall is a small mall system for linlinjava individual developers. A security vulnerability exists in litemall 1.8.0 and earlier versions, which stems from the incorrect manipulation of the parameter SECRET in the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.jav...

9.8CVSS6.7AI score0.00488EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.4 views

litemall 安全漏洞

litemall is a small shopping mall system for linlinjava individual developers. A security vulnerability exists in litemall version 1.8.0, which stems from improper authorization due to misuse of the parameter adminComment in the file /wx/comment/post...

5.3CVSS4.9AI score0.0032EPSS
Exploits1References4
Rows per page
Query Builder