8 matches found
CVE-2026-8773 linlinjava litemall Database Setting DbUtil.java load argument injection
A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file litemall-db/src/main/java/org/linlinjava/litemall/db/util/DbUtil.java of the component Database Setting Handler. The manipulation of the argument...
CVE-2025-8991 linlinjava litemall Business Logic express logic error
A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemallexpressfreightmin leads to business logic errors. The...
CVE-2025-8991
CVE-2025-8991 affects linlinjava litemall versions up to 1.8.0. The vulnerability resides in the Business Logic Handler’s /admin/config/express, where manipulating the litemall_express_freight_min parameter triggers business logic errors. The issue is exploitable remotely and publicized. PT-2025-...
CVE-2025-8974
A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component JSON Web Token Handler. The manipulation of the argument SECRET with th...
CVE-2025-8974 linlinjava litemall JSON Web Token JwtHelper.java hard-coded credentials
A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component JSON Web Token Handler. The manipulation of the argument SECRET with th...
CVE-2025-8965
A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to...
litemall 安全漏洞
litemall is a small mall system for linlinjava individual developers. A security vulnerability exists in litemall 1.8.0 and earlier versions, which stems from the incorrect manipulation of the parameter SECRET in the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.jav...
litemall 安全漏洞
litemall is a small shopping mall system for linlinjava individual developers. A security vulnerability exists in litemall version 1.8.0, which stems from improper authorization due to misuse of the parameter adminComment in the file /wx/comment/post...