Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/12/26 9:23 p.m.11 views

CVE-2025-15086

A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function getMemberByMobile of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java. This manipulation causes improper access controls. The attack may be initiated...

5.3CVSS6.5AI score0.00258EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/26 8:18 p.m.10 views

CVE-2025-15085

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

8.1CVSS6.5AI score0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/25 7:32 p.m.4 views

CVE-2025-15085 youlaitech youlai-mall Balance MemberController.java deductBalance improper authorization

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

5.3CVSS4.6AI score0.00259EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/25 7:32 p.m.23 views

CVE-2025-15085 youlaitech youlai-mall Balance MemberController.java deductBalance improper authorization

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

5.3CVSS0.00259EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.4 views

CVE-2025-14051

A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The...

8.8CVSS6.4AI score0.00415EPSS
Exploits1References1
NVD
NVD
added 2025/12/05 2:15 p.m.6 views

CVE-2025-14086

A vulnerability was found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is an unknown function of the file /app-api/v1/members/openid/. The manipulation of the argument openid results in improper access controls. The attack can be executed remotely. The exploit has been made public and could be...

8.8CVSS0.00277EPSS
Exploits1References4
OSV
OSV
added 2025/12/04 10:32 p.m.5 views

CVE-2025-14051 youlaitech youlai-mall addresses deleteAddress improper control of dynamically-identified variables

A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The...

5.3CVSS6.2AI score0.00415EPSS
Exploits1References9
Rows per page
Query Builder