6 matches found
CVE-2024-40553
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage...
CVE-2024-40553
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage...
CVE-2024-40553
Tmalldemo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage...
PT-2024-28918 · Unknown · Tmall Demo
Name of the Vulnerable Software and Affected Versions: Tmall demo version 2024.07.03 Description: The issue allows for an arbitrary file upload through the uploadUserHeadImage component. Recommendations: For Tmall demo version 2024.07.03, consider disabling the uploadUserHeadImage component until...
CVE-2024-40553
CVE-2024-40553 affects Tmall_demo v2024.07.03, where an arbitrary file upload is possible through the uploadUserHeadImage component. The incident is documented across Red Hat/NVD/CVE listings and third-party feeds. According to the initial metrics, the CVSS 3.1 vector indicates Network access, lo...
Mini-Tmall Security Breach
Mini-Tmall is a Spring Boot based mini-Tmall mall, fast deployment and running, suitable for use as a Bijou template. A security vulnerability exists in Mini-Tmall version v2024.07.03. An attacker can exploit the vulnerability to upload arbitrary files via the component uploadUserHeadImage...