16 matches found
CVE-2025-15360
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...
EUVD-2025-205859
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...
CVE-2025-15360
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...
CVE-2025-15360
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...
CVE-2025-15360 newbee-mall-plus Product Information Edit UploadController.java upload unrestricted upload
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...
CVE-2025-15360 newbee-mall-plus Product Information Edit UploadController.java upload unrestricted upload
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...
CVE-2025-15360
The CVE-2025-15360 vulnerability affects newbee-mall-plus 2.0.0, specifically the UploadController.java used for Product Information Edit Page. The issue arises from manipulation of the File argument in src/main/java/ltd/newbee/mall/controller/common/UploadController.java, enabling unrestricted f...
PT-2025-54229
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attac...
newbee-mall-plus 安全漏洞
newbee-mall-plus is an open source e-commerce system by newbee-ltd. A security vulnerability exists in version 2.0.0 of newbee-mall-plus, which stems from the incorrect manipulation of the parameter File in the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java, which coul...
CVE-2025-12854
A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...
CVE-2025-12854
A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...
CVE-2025-12854 newbee-mall-plus seckillExecution executeSeckill authorization
A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...
CVE-2025-12854 newbee-mall-plus seckillExecution executeSeckill authorization
A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...
EUVD-2025-38252
A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The attack is considered to...
PT-2025-45419
Name of the Vulnerable Software and Affected Versions newbee-mall-plus versions up to 2.4.1 Description A flaw exists in newbee-mall-plus where manipulation of the userid argument within the executeSeckill function, located in the /seckillExecution/ file, can result in authorization bypass. This...
newbee-mall-plus 安全漏洞
newbee-mall-plus is an open source e-commerce system by newbee-ltd. A security vulnerability exists in newbee-mall-plus version 2.4.1 and earlier, which stems from incorrect manipulation of the parameter userid in the file /seckillExecution/, which could lead to authorization bypass...