Lucene search

Mini Tmall Security Vulnerabilities

cve

CVE-2022-30929

Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper.

8.8CVSS

8.6AI Score

0.001EPSS

2022-07-06 03:15 PM

cve

CVE-2023-4445

A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20230811. Affected by this issue is some unknown functionality of the file product/1/1?test=1&test2=2&. The manipulation of the argument orderBy leads to sql injection. The attack may be launched remotely. The exp...

9.8CVSS

9.6AI Score

0.001EPSS

2023-08-21 01:15 AM

116

cve

CVE-2024-2074

A vulnerability was found in Mini-Tmall up to 20231017 and classified as critical. This issue affects some unknown processing of the file ?r=tmall/admin/user/1/1. The manipulation of the argument orderBy leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-03-01 06:15 PM

cve

CVE-2024-8568

A vulnerability, which was classified as critical, was found in Mini-Tmall up to 20240901. Affected is the function rewardMapper.select of the file tmall/admin/order/1/1. The manipulation of the argument orderBy leads to sql injection. It is possible to launch the attack remotely. The exploit has b...

9.8CVSS

6.8AI Score

0.001EPSS

2024-09-08 03:15 AM