2 matches found
CVE-2025-8128
CVE-2025-8128 affects zhousg letao. A vulnerability in the product route handling allows manipulation of an upload parameter (pictrdtz) leading to unrestricted file uploads. Exploit remote, disclosed publicly; but exact affected versions are not specified in the provided materials. Some sources n...
CVE-2025-8128 zhousg letao product.js unrestricted upload
A vulnerability, which was classified as critical, has been found in zhousg letao up to 7d8df0386a65228476290949e0413de48f7fbe98. This issue affects some unknown processing of the file routes\bf\product.js. The manipulation of the argument pictrdtz leads to unrestricted upload. The attack may be...