Lucene search
+L

87 matches found

NVD
NVD
added 2025/11/13 2:15 p.m.5 views

CVE-2025-13116

A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit h...

5.5CVSS0.00296EPSS
Exploits1References6
OSV
OSV
added 2025/11/13 2:2 p.m.4 views

CVE-2025-13116 macrozheng mall-swarm/mall cancelUserOrder improper authorization

A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit h...

5.3CVSS5.8AI score0.00296EPSS
Exploits1References8
CVE
CVE
added 2025/11/13 2:2 p.m.24 views

CVE-2025-13116

CVE-2025-13116 affects macrozheng mall-swarm and mall up to 1.0.3. The issue is in the function cancelUserOrder in /order/cancelUserOrder, where manipulating the argument orderId can cause improper authorization. Attacks are described as remotely executable and a public exploit exists. Multiple c...

5.5CVSS5.4AI score0.00296EPSS
Exploits1References6Affected Software2
Vulnrichment
Vulnrichment
added 2025/11/13 1:32 p.m.4 views

CVE-2025-13115 macrozheng mall-swarm/mall Order Details detail improper authorization

A security flaw has been discovered in macrozheng mall-swarm and mall up to 1.0.3. This impacts the function detail of the file /order/detail/ of the component Order Details Handler. Performing manipulation of the argument orderId results in improper authorization. It is possible to initiate the...

5.3CVSS4.7AI score0.00319EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.4 views

mall-swarm 授权问题漏洞

mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from the mishandling of the orderId parameter in the detail function in file /order/detail, no details of the vulnerability are provided at this time...

5.3CVSS5.8AI score0.00319EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.5 views

mall-swarm 授权问题漏洞

mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from the improper handling of the orderId parameter in the cancelUserOrder function in the file /order/cancelUserOrder, and no detailed vulnerability details are provided...

5.5CVSS6AI score0.00296EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.6 views

mall-swarm 授权问题漏洞

mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from the mishandling of the orderId parameter in the cancelOrder function in the file /order/cancelOrder, and no detailed vulnerability details are provided...

5.5CVSS6AI score0.00296EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-3165

Malware in sbrugna...

5CVSS6.4AI score0.01205EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-11038

Malware in sbrugna...

6.1CVSS6.3AI score0.00707EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-46258

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.0089EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-24050

Malicious code in bioql PyPI...

6.9CVSS5.6AI score0.0053EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-15737

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00788EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-46256

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00871EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-22559

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00628EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/04 10:32 p.m.5 views

CVE-2025-9836

A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...

5.3CVSS4.8AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/04 9:32 p.m.10 views

CVE-2025-9835

A vulnerability has been found in macrozheng mall up to 1.0.3. This affects the function cancelOrder of the file /order/cancelUserOrder. The manipulation of the argument orderId leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

5.3CVSS6.8AI score0.00304EPSS
Exploits1References1
NVD
NVD
added 2025/09/02 10:15 p.m.7 views

CVE-2025-9836

A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...

5.3CVSS0.00269EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/02 10:2 p.m.4 views

CVE-2025-9836 macrozheng mall paySuccess authorization

A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...

5.3CVSS4.8AI score0.00269EPSS
Exploits0References5
CVE
CVE
added 2025/09/02 10:2 p.m.24 views

CVE-2025-9836

CVE-2025-9836 affects macrozheng mall up to version 1.0.3. The flaw exists in the paySuccess function (/order/paySuccess); manipulating the orderId parameter enables an authorization bypass. The issue can be exploited remotely and exploitation has been made public (e.g., public PoC). Connected so...

5.3CVSS6.5AI score0.00269EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/09/02 9:32 p.m.14 views

CVE-2025-9835 macrozheng mall cancelUserOrder cancelOrder authorization

A vulnerability has been found in macrozheng mall up to 1.0.3. This affects the function cancelOrder of the file /order/cancelUserOrder. The manipulation of the argument orderId leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

5.3CVSS0.00304EPSS
Exploits1References5
Rows per page
Query Builder