10 matches found
Unspecified vulnerability in mall-swarm
mall-swarm is a microservice mall system. There is a security vulnerability in mall-swarm, which originates from the mishandling of the orderID parameter in the paySuccess function in the file /order/paySuccess, for which no detailed vulnerability details are available at this time...
PT-2025-46833
A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be...
EUVD-2025-29147
Malicious code in bioql PyPI...
EUVD-2025-26464
Malicious code in bioql PyPI...
CVE-2025-10422
A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of...
CVE-2025-10422
A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of...
CVE-2025-10422 newbee-mall Order Status paySuccess improper authorization
A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of...
CVE-2025-9836
A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...
CVE-2025-9836
A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...
mall 安全漏洞
mall is an e-commerce system for macro individual developers, including the front-end mall system and back-end management system. A security vulnerability exists in mall 1.0.3 and earlier versions, which stems from an authorization bypass due to incorrect operation of the parameter orderId in the...