CVE-2025-1114

Medium CVSS: 5.1

A vulnerability classified as problematic has been found in newbee-mall 1.0. Affected is the function save of the file /admin/categories/save of the component Add Category Page. The manipulation of the argument categoryName leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Vendor

Newbee-mall Project

Product

Newbee-mall

CWE

CWE-79

Yayın Tarihi

2025-02-07 23:15:14

Güncelleme

2025-06-20 17:00:30

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 Newbee-mall MEDIUM Newbee-mall Project 2025

Referanslar

https://github.com/newbee-ltd/newbee-mall/issues/94 https://github.com/newbee-ltd/newbee-mall/issues/94#issue-2811680280 https://vuldb.com/?ctiid.295020 https://vuldb.com/?id.295020 https://vuldb.com/?submit.489744 https://github.com/newbee-ltd/newbee-mall/issues/94

Benzer Kayıtlar

Critical

CVE-2026-26218

newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisi…

Critical

CVE-2026-26219

newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not inco…

Medium

CVE-2025-10423

A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file /common/mall/kaptcha. The…

Medium

CVE-2025-10422

A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the fun…

Medium

CVE-2025-4259

A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the func…