23 matches found
Tmall_demo Security Vulnerability
Tmalldemo is a Spring Boot-based mini Tmall by the Xianqi Mall project team. A security vulnerability exists in Tmalldemo 20250505 and earlier versions, which stems from a cross-site request forgery due to misuse of the file tmall/admin/account/logout...
Tmall_demo Code Issue Vulnerability
Tmalldemo is a Spring Boot-based mini Tmall by the Xianqi Mall project team. A code issue vulnerability exists in Tmalldemo 20250505 and earlier versions, which stems from the incorrect operation of the parameter File in the file tmall/admin/uploadProductImage, resulting in unlimited uploads...
Tmall_demo Code Issue Vulnerability
Tmalldemo is a Spring Boot-based mini Tmall by the Xianqi Mall project team. A code issue vulnerability exists in Tmalldemo 20250505 and earlier versions, which stems from the incorrect operation of the parameter File in the file tmall/admin/uploadCategoryImage, resulting in unlimited uploads...
CVE-2024-40555
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload vulnerability...
CVE-2024-40553
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage...
CVE-2024-40554
An access control issue in Tmalldemo v2024.07.03 allows attackers to obtain sensitive information...
CVE-2024-40560
Tmalldemo before v2024.07.03 was discovered to contain a SQL injection vulnerability...
CVE-2024-40553
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage...
CVE-2024-40554
An access control issue in Tmalldemo v2024.07.03 allows attackers to obtain sensitive information...
CVE-2024-40560
Tmalldemo before v2024.07.03 was discovered to contain a SQL injection vulnerability...
CVE-2024-40555
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload vulnerability...
CVE-2024-40555
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload vulnerability...
CVE-2024-40560
Tmalldemo before v2024.07.03 was discovered to contain a SQL injection vulnerability...
CVE-2024-40553
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage...
CVE-2024-40554
CVE-2024-40554 describes an access control issue in the Mini-Tmall/Tmall_demo v2024.07.03 where attackers can obtain sensitive information. The explicit affected component is the Tmall_demo application (version 2024.07.03); the underlying cause is identified as an access control flaw. The NVD ent...
CVE-2024-40555
CVE-2024-40555 affects Tmall_demo v2024.07.03 and is described in connected sources as an arbitrary file upload vulnerability. The available documents confirm the issue exists in that version but do not provide technical specifics about vulnerable components, exact root cause, vulnerable file han...
CVE-2024-40560
Tmalldemo before v2024.07.03 was discovered to contain a SQL injection vulnerability...
CVE-2024-40553
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage...
CVE-2024-40555
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload vulnerability...
CVE-2024-40560
CVE-2024-40560 affects Mini-Tmall (Spring Boot-based mini-Tmall mall). Vulnerability: SQL injection due to lack of validation of externally entered SQL statements in versions prior to 2024.07.03. Impact: potential exposure of sensitive database data. Mitigation: upgrade to Mini-Tmall v2024.07.03 ...