CVE-2025-13117

A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this vulnerability is the function cancelOrder of the file /order/cancelOrder. The manipulation of the argument orderId leads to improper authorization. The attack can be initiated remotely. The...

JPACookieShop 跨站脚本漏洞

JPACookieShop is a cake mall platform software by Jerryshensjf individual developer. JPACookieShop cross-site scripting vulnerability, the vulnerability stems from the file GoodsCustController.java function goodsSearch parameter keyword leads to cross-site scripting...

SQL Injection Vulnerability in DSMall (CNVD-2020-27266)

DSMall is a simple and easy to operate, can help enterprises quickly build a comprehensive mall platform similar to Jingdong / Tmall system. DSMall suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain database information...

PHP Scripts Mall Classified Ads Script Reflective HTML Injection Vulnerability

PHP Scripts Mall Classified Ads Script is a classified ads script. PHP Scripts Mall Classified Ads Script 3.2.2 suffers from a reflected HTML injection vulnerability. An attacker can exploit this vulnerability to perform HTML injection via a search form...