Lucene search
K

10 matches found

CNVD
CNVD
added 2025/11/18 12:0 a.m.5 views

Unspecified vulnerability in mall-swarm

mall-swarm is a microservice mall system. There is a security vulnerability in mall-swarm, which originates from the mishandling of the orderID parameter in the paySuccess function in the file /order/paySuccess, for which no detailed vulnerability details are available at this time...

6.5CVSS5.5AI score0.00208EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.6 views

PT-2025-46833

A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be...

6.5CVSS6.4AI score0.00208EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29147

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00268EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-26464

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00269EPSS
Exploits0References5
NVD
NVD
added 2025/09/15 3:15 a.m.8 views

CVE-2025-10422

A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of...

5.3CVSS0.00268EPSS
Exploits1References5
OSV
OSV
added 2025/09/15 3:15 a.m.2 views

CVE-2025-10422

A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of...

5.3CVSS5.3AI score0.00268EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/15 2:32 a.m.3 views

CVE-2025-10422 newbee-mall Order Status paySuccess improper authorization

A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of...

5.3CVSS6.3AI score0.00268EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/04 10:32 p.m.4 views

CVE-2025-9836

A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...

5.3CVSS4.8AI score0.00269EPSS
Exploits0References1
OSV
OSV
added 2025/09/02 10:15 p.m.2 views

CVE-2025-9836

A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...

5.3CVSS6.8AI score0.00269EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/02 12:0 a.m.4 views

mall 安全漏洞

mall is an e-commerce system for macro individual developers, including the front-end mall system and back-end management system. A security vulnerability exists in mall 1.0.3 and earlier versions, which stems from an authorization bypass due to incorrect operation of the parameter orderId in the...

5.3CVSS4.9AI score0.00269EPSS
Exploits0References6
Rows per page
Query Builder