23 matches found
Tmall_demo Security Vulnerability
Tmalldemo is a Spring Boot-based mini Tmall by the Xianqi Mall project team. A security vulnerability exists in Tmalldemo 20250505 and earlier versions, caused by cross-site request forgery arising from misuse of the file tmall/admin/account/logout...
Tmall_demo Code Issue Vulnerability
Tmalldemo is a Spring Boot-based mini Tmall by the Xianqi Mall project team. A code issue vulnerability exists in Tmalldemo 20250505 and earlier versions, caused by improper handling of the parameter File in the file tmall/admin/uploadCategoryImage, resulting in unrestricted uploads...
Tmall_demo Code Issue Vulnerability
Tmalldemo is a Spring Boot-based mini Tmall by the Xianqi Mall project team. A code issue vulnerability exists in Tmalldemo 20250505 and earlier versions, caused by improper handling of the parameter File in the file tmall/admin/uploadProductImage, resulting in unrestricted uploads...
CVE-2024-40553
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage...
CVE-2024-40560
Tmalldemo before v2024.07.03 was discovered to contain a SQL injection vulnerability...
CVE-2024-40555
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload vulnerability...
CVE-2024-40554
An access control issue in Tmalldemo v2024.07.03 allows attackers to obtain sensitive information...
CVE-2024-40553
CVE-2024-40553 affects Tmall_demo v2024.07.03, where an arbitrary file upload is possible through the uploadUserHeadImage component. The incident is documented across Red Hat/NVD/CVE listings and third-party feeds. According to the initial metrics, the CVSS 3.1 vector indicates Network access, lo...
CVE-2024-40554
CVE-2024-40554 describes an access control issue in the Mini-Tmall/Tmall_demo v2024.07.03 where attackers can obtain sensitive information. The explicit affected component is the Tmall_demo application (version 2024.07.03); the underlying cause is identified as an access control flaw. The NVD ent...
CVE-2024-40560
CVE-2024-40560 affects Mini-Tmall (Spring Boot-based mini-Tmall mall). Vulnerability: SQL injection due to lack of validation of externally entered SQL statements in versions prior to 2024.07.03. Impact: potential exposure of sensitive database data. Mitigation: upgrade to Mini-Tmall v2024.07.03 ...