CVE-2025-10423

Medium CVSS: 6.3

A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file /common/mall/kaptcha. The manipulation results in guessable captcha. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been made public and could be used.

Vendor

Newbee-mall Project

Product

Newbee-mall

CWE

CWE-287

Yayın Tarihi

2025-09-15 04:15:48

Güncelleme

2025-10-14 19:37:29

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-287 Newbee-mall MEDIUM Newbee-mall Project 2025

Referanslar

https://github.com/newbee-ltd/newbee-mall/issues/101 https://github.com/newbee-ltd/newbee-mall/issues/101#issue-3380163659 https://vuldb.com/?ctiid.323857 https://vuldb.com/?id.323857 https://vuldb.com/?submit.647066

Benzer Kayıtlar

Critical

CVE-2026-26218

newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisi…

Critical

CVE-2026-26219

newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not inco…

Medium

CVE-2025-10422

A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the fun…

Medium

CVE-2025-4259

A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the func…

Medium

CVE-2025-1114

A vulnerability classified as problematic has been found in newbee-mall 1.0. Affected is the function save of the file /…