4 matches found
CVE-2025-14085
A vulnerability has been found in youlaitech youlai-mall 1.0.0/2.0.0. This impacts an unknown function of the file /app-api/v1/orders/. The manipulation of the argument orderId leads to improper control of dynamically-identified variables. Remote exploitation of the attack is possible. The exploi...
CVE-2025-14085 youlaitech youlai-mall orders improper control of dynamically-identified variables
A vulnerability has been found in youlaitech youlai-mall 1.0.0/2.0.0. This impacts an unknown function of the file /app-api/v1/orders/. The manipulation of the argument orderId leads to improper control of dynamically-identified variables. Remote exploitation of the attack is possible. The exploi...
CVE-2025-14085
The CVE-2025-14085 entry concerns youlaitech youlai-mall versions 1.0.0–2.0.0. The vulnerability resides in an unknown function under the /app-api/v1/orders/ endpoint, where manipulating the orderId parameter leads to improper control of dynamically-identified variables. This enables remote explo...
EUVD-2025-201410
A vulnerability has been found in youlaitech youlai-mall 1.0.0/2.0.0. This impacts an unknown function of the file /app-api/v1/orders/. The manipulation of the argument orderId leads to improper control of dynamically-identified variables. Remote exploitation of the attack is possible. The exploi...