5 matches found
CVE-2025-15118
A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of the file /member/address/update/ of the component Member Endpoint. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has...
CVE-2025-13118
A vulnerability was detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public a...
CVE-2025-9836
A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...
CVE-2025-8741
CVE-2025-8741 concerns macrozheng mall up to version 1.0.3. The vulnerability affects an unknown functionality of the /admin/login URL and leads to cleartext transmission of sensitive information. It can be exploited remotely with high attack complexity and without user interaction. Exploit detai...
PT-2025-6011 · Unknown · Newbee-Mall
Name of the Vulnerable Software and Affected Versions: newbee-mall version 1.0 Description: A problematic issue has been found in newbee-mall. The save function of the /admin/categories/save API endpoint in the Add Category Page component is affected. The manipulation of the categoryName argument...