CVE-2025-10291

Medium CVSS: 5.3

A weakness has been identified in linlinjava litemall up to 1.8.0. This affects the function WxAftersaleController of the file /wx/aftersale/cancel. Executing manipulation of the argument ID can lead to improper authorization. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Linlinjava

Product

Litemall

CWE

CWE-266

Yayın Tarihi

2025-09-12 06:15:41

Güncelleme

2025-10-31 14:27:56

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Litemall MEDIUM Linlinjava 2025

Referanslar

https://vuldb.com/?ctiid.323717 https://vuldb.com/?id.323717 https://vuldb.com/?submit.643390 https://www.cnblogs.com/aibot/p/19063376

Benzer Kayıtlar

Medium

CVE-2025-8991

A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown function…

Medium

CVE-2025-8974

A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality…

Medium

CVE-2025-8965

A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the…

Medium

CVE-2025-8764

A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Uploa…

Medium

CVE-2025-8753

A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this i…

Medium

CVE-2025-6702

A vulnerability, which was classified as problematic, was found in linlinjava litemall 1.8.0. Affected is an unknown fun…