3 matches found
CVE-2025-8753
CVE-2025-8753 affects linlinjava litemall up to version 1.8.0. The vulnerability resides in the File Handler’s delete function at /admin/storage/delete, where manipulation of the key parameter enables path traversal. The issue can be exploited remotely and the public exploit is disclosed. Affecte...
CVE-2025-8991
CVE-2025-8991 affects linlinjava litemall versions up to 1.8.0. The vulnerability resides in the Business Logic Handler’s /admin/config/express, where manipulating the litemall_express_freight_min parameter triggers business logic errors. The issue is exploitable remotely and publicized. PT-2025-...
CVE-2025-6702
CVE-2025-6702 affects linlinjava litemall 1.8.0. Affected is an unknown function in the file /wx/comment/post where manipulating the adminComment parameter leads to improper authorization. Attacker can exploit remotely, and the exploit has been disclosed publicly. The vendor was contacted early b...