2 matches found
CVE-2025-4118
This CVE (CVE-2025-4118) affects Weitong Mall 1.0.0, specifically the Product History Handler’s historyList file. The root cause is manipulation of the isDelete parameter (input 1) leading to improper access controls, allowing a remote attack. Exploitation has been publicly disclosed. Practical i...
CVE-2025-4119
CVE-2025-4119 affects Weitong Mall 1.0.0, specifically the Product Statistics Handler’s /queryTotal. The root cause is improper access control triggered by manipulating the isDelete parameter with the value 1, enabling remote execution. Multiple sources corroborate the vulnerability and indicate ...