CVE-2024-57434

High CVSS: 8.8

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users by default, and the test user is made a super administrator.

Vendor

Macrozheng

Product

Mall-tiny

CWE

CWE-863

Yayın Tarihi

2025-01-31 22:15:12

Güncelleme

2025-04-22 15:29:06

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-863 Mall-tiny HIGH Macrozheng 2025

Referanslar

https://github.com/peccc/restful_vul/blob/main/mall_tiny_weak_password/mall_tiny_weak_password.md https://github.com/peccc/restful_vul/blob/main/mall_tiny_weak_password/mall_tiny_weak_password.md

Benzer Kayıtlar

Critical

CVE-2026-25858

macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workf…

Medium

CVE-2025-15118

A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of th…

Medium

CVE-2025-14016

A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the…

Medium

CVE-2025-13443

A vulnerability was detected in macrozheng mall up to 1.0.3. Affected by this issue is the function delete of the file /…

Medium

CVE-2025-13117

A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this vulnerability…

Medium

CVE-2025-13118

A vulnerability was detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this issue is the function paySu…