Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/01/01 11:29 a.m.8 views

CVE-2025-15360

A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...

5.8CVSS6.7AI score0.00346EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/31 12:31 a.m.8 views

EUVD-2025-205859

A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...

5.8CVSS6.3AI score0.00346EPSS
Exploits1References5
NVD
NVD
added 2025/12/30 10:15 p.m.8 views

CVE-2025-15360

A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...

7.2CVSS0.00346EPSS
Exploits1References4
OSV
OSV
added 2025/12/30 10:15 p.m.2 views

CVE-2025-15360

A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...

7.2CVSS5.5AI score0.00346EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/30 9:32 p.m.28 views

CVE-2025-15360 newbee-mall-plus Product Information Edit UploadController.java upload unrestricted upload

A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...

5.8CVSS0.00346EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/30 9:32 p.m.3 views

CVE-2025-15360 newbee-mall-plus Product Information Edit UploadController.java upload unrestricted upload

A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...

5.8CVSS6.5AI score0.00346EPSS
Exploits1References4
CVE
CVE
added 2025/12/30 9:32 p.m.13 views

CVE-2025-15360

The CVE-2025-15360 vulnerability affects newbee-mall-plus 2.0.0, specifically the UploadController.java used for Product Information Edit Page. The issue arises from manipulation of the File argument in src/main/java/ltd/newbee/mall/controller/common/UploadController.java, enabling unrestricted f...

7.2CVSS6.5AI score0.00346EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.4 views

PT-2025-54229

A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...

5.8CVSS6.8AI score0.00346EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.3 views

newbee-mall-plus 安全漏洞

newbee-mall-plus is an open source e-commerce system by newbee-ltd. A security vulnerability exists in version 2.0.0 of newbee-mall-plus, which stems from the incorrect manipulation of the parameter File in the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java, which coul...

7.2CVSS5.7AI score0.00346EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/11/08 12:54 p.m.8 views

CVE-2025-12854

A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...

6.3CVSS6.7AI score0.00445EPSS
Exploits0References1
NVD
NVD
added 2025/11/07 1:15 p.m.8 views

CVE-2025-12854

A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...

6.3CVSS0.00445EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/07 12:32 p.m.5 views

EUVD-2025-38252

A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...

6.3CVSS4.5AI score0.00445EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/07 12:32 p.m.2 views

CVE-2025-12854 newbee-mall-plus seckillExecution executeSeckill authorization

A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...

6.3CVSS6.5AI score0.00445EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/07 12:32 p.m.11 views

CVE-2025-12854 newbee-mall-plus seckillExecution executeSeckill authorization

A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...

6.3CVSS0.00445EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.5 views

newbee-mall-plus 安全漏洞

newbee-mall-plus is an open source e-commerce system by newbee-ltd. A security vulnerability exists in newbee-mall-plus version 2.4.1 and earlier, which stems from incorrect manipulation of the parameter userid in the file /seckillExecution/, which could lead to authorization bypass...

6.3CVSS4.7AI score0.00445EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.4 views

PT-2025-45419

Name of the Vulnerable Software and Affected Versions newbee-mall-plus versions up to 2.4.1 Description A flaw exists in newbee-mall-plus where manipulation of the userid argument within the executeSeckill function, located in the /seckillExecution/ file, can result in authorization bypass. This...

6.3CVSS6.1AI score0.00445EPSS
Exploits0References7
Rows per page
Query Builder