Linlinjava

Litemall

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-10291

Exploit
  • EPSS 0.05%
  • Veröffentlicht 12.09.2025 05:32:07
  • Zuletzt bearbeitet 31.10.2025 14:27:56

A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be execu...

4.3

CVE-2025-8991

Exploit
  • EPSS 0.06%
  • Veröffentlicht 15.08.2025 00:32:05
  • Zuletzt bearbeitet 11.09.2025 15:34:27

A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemall_express...

9.8

CVE-2025-8974

Exploit
  • EPSS 0.12%
  • Veröffentlicht 14.08.2025 18:02:08
  • Zuletzt bearbeitet 11.09.2025 15:14:50

A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component JSON Web Token Handler. ...

8.8

CVE-2025-8965

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.08.2025 15:32:06
  • Zuletzt bearbeitet 11.09.2025 15:12:11

A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. Th...

5.4

CVE-2025-8764

Exploit
  • EPSS 0.03%
  • Veröffentlicht 09.08.2025 18:32:06
  • Zuletzt bearbeitet 11.09.2025 15:04:33

A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the...

5.5

CVE-2025-8753

Exploit
  • EPSS 0.06%
  • Veröffentlicht 09.08.2025 13:32:05
  • Zuletzt bearbeitet 11.09.2025 14:56:54

A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key ...

5.3

CVE-2025-6702

Exploit
  • EPSS 0.08%
  • Veröffentlicht 26.06.2025 16:00:16
  • Zuletzt bearbeitet 10.07.2025 01:02:51

A vulnerability, which was classified as problematic, was found in linlinjava litemall 1.8.0. Affected is an unknown function of the file /wx/comment/post. The manipulation of the argument adminComment leads to improper authorization. It is possible ...

7.5

CVE-2024-46382

Exploit
  • EPSS 0.12%
  • Veröffentlicht 19.09.2024 13:15:04
  • Zuletzt bearbeitet 25.09.2024 16:56:09

A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminGoodscontroller.java.

8.8

CVE-2024-6452

Exploit
  • EPSS 0.33%
  • Veröffentlicht 02.07.2024 20:15:06
  • Zuletzt bearbeitet 11.09.2025 15:08:44

A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file AdminGoodscontroller.java. The manipulation of the argument goodsId/goodsSn/name leads to sql ...

7.2

CVE-2024-24323

Exploit
  • EPSS 0.76%
  • Veröffentlicht 27.02.2024 17:15:12
  • Zuletzt bearbeitet 15.09.2025 17:09:47

SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a remote attacker to obtain sensitive information via the nickname, consignee, orderSN, orderStatusArray parameters of the AdminOrdercontroller.java component.