57 matches found
mall-swarm authorization issue vulnerability
mall-swarm is a microservice mall system. An authorization issue vulnerability exists in mall-swarm, which stems from incorrect manipulation of the parameter ids in the file /member/readHistory/delete, for which no detailed vulnerability details are provided at this time...
CVE-2025-14016
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed...
EUVD-2025-201256
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed...
CVE-2025-14016
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed...
CVE-2025-14016
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed...
CVE-2025-14016
CVE-2025-14016 affects macrozheng mall-swarm up to version 1.0.3. The vulnerability resides in the delete function of /member/readHistory/delete, where manipulation of the ids argument leads to improper authorization. The issue is exploitable remotely, and public exploits have been disclosed. Mul...
CVE-2025-14016 macrozheng mall-swarm delete improper authorization
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed...
CVE-2025-14016 macrozheng mall-swarm delete improper authorization
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed...
mall-swarm 授权问题漏洞
mall-swarm is a microservice mall system. An authorization issue vulnerability exists in mall-swarm, which stems from incorrect manipulation of the parameter ids in the file /member/readHistory/delete, for which no detailed vulnerability details are provided at this time...
PT-2025-49114
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed...
mall-swarm authorization issue vulnerability (CNVD-2026-10878)
mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from the improper handling of the orderId parameter in the cancelUserOrder function in the file /order/cancelUserOrder, and no detailed vulnerability details are provided...
Unspecified vulnerability in mall-swarm
mall-swarm is a microservice mall system. There is a security vulnerability in mall-swarm, which originates from the mishandling of the orderID parameter in the paySuccess function in the file /order/paySuccess, for which no detailed vulnerability details are available at this time...
mall-swarm authorization issue vulnerability (CNVD-2026-10877)
mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from the mishandling of the orderId parameter in the cancelOrder function in the file /order/cancelOrder, and no detailed vulnerability details are provided...
mall-swarm authorization issue vulnerability (CNVD-2026-10881)
mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from an improper authorization issue in the updateAttr function in the file /cart/update/attr. No detailed vulnerability details are available at this time...
mall-swarm authorization issue vulnerability (CNVD-2026-10879)
mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from the mishandling of the orderId parameter in the detail function in file /order/detail, no details of the vulnerability are provided at this time...
CVE-2025-13118
A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be...
CVE-2025-13117
A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this vulnerability is the function cancelOrder of the file /order/cancelOrder. The manipulation of the argument orderId leads to improper authorization. The attack can be initiated remotely. The...
CVE-2025-13116
A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit h...
CVE-2025-13114
A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...
CVE-2025-13115
A security flaw has been discovered in macrozheng mall-swarm and mall up to 1.0.3. This impacts the function detail of the file /order/detail/ of the component Order Details Handler. Performing manipulation of the argument orderId results in improper authorization. It is possible to initiate the...