18 matches found
Unspecified vulnerability in mall-swarm
mall-swarm is a microservice mall system. There is a security vulnerability in mall-swarm, which originates from the mishandling of the orderID parameter in the paySuccess function in the file /order/paySuccess, for which no detailed vulnerability details are available at this time...
CVE-2025-13118
A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be...
CVE-2025-13118
A vulnerability was detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public a...
CVE-2025-13118
A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be...
EUVD-2025-175308
A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be...
CVE-2025-13118 macrozheng mall-swarm paySuccess improper authorization
A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be...
CVE-2025-13118
Summary (CVE-2025-13118): Macrozheng mall-swarm and mall up to 1.0.3 are affected. The paySuccess function in /order/paySuccess is vulnerable to argument tampering of orderID, resulting in improper authorization. The issue is exploitable remotely; exploits are public. Multiple connected sources c...
CVE-2025-13118 macrozheng mall-swarm paySuccess improper authorization
A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be...
mall-swarm 安全漏洞
mall-swarm is a microservice mall system. There is a security vulnerability in mall-swarm, which originates from the mishandling of the orderID parameter in the paySuccess function in the file /order/paySuccess, for which no detailed vulnerability details are available at this time...
CVE-2025-10422
A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of...
CVE-2025-10422 newbee-mall Order Status paySuccess improper authorization
A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of...
CVE-2025-10422
CVE-2025-10422 affects the newbee-mall Order Status Handler, specifically the paySuccess function in the /paySuccess file. The vulnerability arises from manipulating the orderNo parameter, causing improper authorization. Remote exploitation is possible and the exploit has been publicly disclosed....
PT-2025-37443
Name of the Vulnerable Software and Affected Versions: newbee-mall versions prior to 613a662adf1da7623ec34459bc83e3c1b12d8ce7 Description: A vulnerability exists in newbee-mall related to improper authorization. The issue affects the paySuccess function within the /paySuccess file of the Order...
newbee-mall 授权问题漏洞
newbee-mall is a newbee open source e-commerce system . There is an authorization issue vulnerability in newbee-mall, which stems from improper handling of the parameter orderNo of the component Order Status Handler in file/paySuccess, which may lead to improper authorization...
CVE-2025-9836
A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...
CVE-2025-9836
CVE-2025-9836 affects macrozheng mall up to version 1.0.3. The flaw exists in the paySuccess function (/order/paySuccess); manipulating the orderId parameter enables an authorization bypass. The issue can be exploited remotely and exploitation has been made public (e.g., public PoC). Connected so...
CVE-2025-9836 macrozheng mall paySuccess authorization
A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in authorization bypass. The attack can be launched remotely. The exploit has been made public and could be...
PT-2025-35637
Name of the Vulnerable Software and Affected Versions: macrozheng mall versions up to 1.0.3 Description: A vulnerability exists in the paySuccess function of the /order/paySuccess file. Manipulation of the orderId argument can lead to authorization bypass. The exploit has been made public...