9 matches found
CVE-2025-1817
A vulnerability classified as problematic was found in Mini-Tmall up to 20250211. This vulnerability affects unknown code of the file /admin of the component Admin Name Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...
EUVD-2025-5865
Malicious code in bioql PyPI...
EUVD-2022-52681
Malicious code in bioql PyPI...
EUVD-2025-5845
Malicious code in bioql PyPI...
CVE-2022-30929
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper...
CVE-2025-1843
CVE-2025-1843 affects Mini-Tmall up to 20250211. The issue lies in the file com/xq/tmall/dao/ProductMapper.java, in the select function where manipulating the argument orderBy enables an SQL injection. The vulnerability can be triggered remotely, and the exploit has been disclosed publicly. Multi...
CVE-2025-1817
A vulnerability classified as problematic was found in Mini-Tmall up to 20250211. This vulnerability affects unknown code of the file /admin of the component Admin Name Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2025-1817
CVE-2025-1817 affects Mini-Tmall up to 20250211, involving the /admin path of the Admin Name Handler. The issue is described as a cross-site scripting (XSS) vulnerability that can be triggered remotely and for which the exploit has been disclosed publicly. The available reports do not specify the...
Mini-Tmall security vulnerability
Mini-Tmall is a Spring Boot-based mini-Tmall mall that deploys and runs quickly and is suitable for use as a Bijou template. A security vulnerability exists in Mini-Tmall v1.0. An attacker can exploit the vulnerability to perform an insecure privilege attack via tomcat-embed-jasper...