
22 matches found

EUVD
added 2025/12/25 9:30 p.m. · 3 views

EUVD-2025-205383

A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java of the component Order Payment Handler. The manipulation leads to...

CVSS 3.1 · AI score 6.2 · EPSS 0.00032
Exploits: 1 · References: 5

RedhatCVE
added 2025/12/12 5:12 p.m. · 1 view

CVE-2025-57213

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

CVSS 7.5 · AI score 6.5 · EPSS 0.00041
Exploits: 0 · References: 1

OSV
added 2025/12/04 4:16 p.m. · 1 view

CVE-2025-57212

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

CVSS 7.5 · AI score 5.7 · EPSS 0.00041
Exploits: 0 · References: 2

NVD
added 2025/12/04 4:16 p.m. · 3 views

CVE-2025-57212

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

CVSS 7.5 · EPSS 0.00041
Exploits: 0 · References: 2

NVD
added 2025/12/04 4:16 p.m. · 4 views

CVE-2025-57213

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

CVSS 7.5 · EPSS 0.00041
Exploits: 0 · References: 2

OSV
added 2025/12/04 4:16 p.m. · 0 views

CVE-2025-57213

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

CVSS 7.5 · AI score 5.7 · EPSS 0.00041
Exploits: 0 · References: 2

CVE
added 2025/12/04 12:00 a.m. · 3 views

CVE-2025-57212

CVE-2025-57212 affects platform v1.0.0 in the ApiOrderService.java component, where improper access control may allow an attacker to disclose sensitive information via a crafted request. Evidence across multiple sources confirms the same description without additional exploit details. The vulnera...

CVSS 7.5 · AI score 6.1 · EPSS 0.00041
Exploits: 0 · References: 2 · Affected Software: 1

EUVD
added 2025/12/04 12:00 a.m. · 4 views

EUVD-2025-201239

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

AI score 6 · EPSS 0.00041
Exploits: 0 · References: 3

CVE
added 2025/12/04 12:00 a.m. · 6 views

CVE-2025-57213

CVE-2025-57213 affects platform v1.0.0. The vulnerability arises from incorrect access control in the component orderService.queryObject, enabling an attacker to access sensitive information via a crafted request. Current documents do not specify the affected software family beyond platform v1.0....

CVSS 7.5 · AI score 6.1 · EPSS 0.00041
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2025/12/04 12:00 a.m. · 1 view

PT-2025-49075

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

AI score 6.5 · EPSS 0.00041
Exploits: 0 · References: 3

CNNVD
added 2025/12/04 12:00 a.m. · 1 view

Weitong Mall security vulnerability

Weitong Mall 微同商城 is a shopping mall system by fuyanglipengjun, an individual developer. A security vulnerability exists in Weitong Mall version 1.0.0, which originates from improper access control of the orderService.queryObject component, which may lead to sensitive information leakage...

CVSS 7.5 · AI score 6.4 · EPSS 0.00041
Exploits: 0 · References: 2

Cvelist
added 2025/12/04 12:00 a.m. · 15 views

CVE-2025-57213

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

EPSS 0.00041
Exploits: 0 · References: 2

Vulnrichment
added 2025/12/04 12:00 a.m. · 2 views

CVE-2025-57213

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

AI score 6.1 · EPSS 0.00041
Exploits: 0 · References: 2

Positive Technologies
added 2025/12/04 12:00 a.m. · 3 views

PT-2025-49074

Name of the Vulnerable Software and Affected Versions: platform version 1.0.0 Description: An access control issue exists in the ApiOrderService.java component, potentially allowing unauthorized access to sensitive information through a specially crafted request. Recommendations: Apply updates to...

CVSS 7.5 · AI score 6.4 · EPSS 0.00041
Exploits: 0 · References: 9

CNNVD
added 2025/12/04 12:00 a.m. · 2 views

Weitong Mall security vulnerability

Weitong Mall 微同商城 is a shopping mall system by fuyanglipengjun, an individual developer. A security vulnerability exists in Weitong Mall version 1.0.0, which originates from improper access control of the ApiOrderService.java component, and may result in the disclosure of sensitive information...

CVSS 7.5 · AI score 6.5 · EPSS 0.00041
Exploits: 0 · References: 2

EUVD
added 2025/12/04 12:00 a.m. · 2 views

EUVD-2025-201240

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

AI score 6 · EPSS 0.00041
Exploits: 0 · References: 3

NCSC
added 2023/10/19 12:00 a.m. · 7 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service (DoS); Remote code execution; Administrator/Root privileges; Access to sensitive data; Acce...

CVSS 9.8 · AI score 7.7 · EPSS 0.67806
Exploits: 41

Positive Technologies
added 2023/10/17 12:00 a.m. · 1 view

PT-2023-6298 · Oracle · Oracle Communications Order/Service Management

Name of the Vulnerable Software and Affected Versions: Oracle Communications Order and Service Management versions 7.4.0 through 7.4.1 Description: The issue is related to insufficient input validation in the User Management component of Oracle Communications Order and Service Management, allowin...

CVSS 4.3 · AI score 3.8 · EPSS 0.00133
Exploits: 0 · References: 6

NCSC
added 2023/07/19 12:00 a.m. · 3 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Remote code execution; Administrator/Root rights; Remote code...

CVSS 9.8 · AI score 7.9 · EPSS 0.94055
Exploits: 32

NCSC
added 2023/04/19 12:00 a.m. · 2 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Bypassing authentication; Bypassing security measure; Remote code...

CVSS 9.8 · AI score 8 · EPSS 0.93849
Exploits: 20