CVE-2025-25770

Medium CVSS: 6.8

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /agency/AgencyUserController.java.

Vendor

Product

CWE

Yayın Tarihi

2025-02-21 19:15:14

Güncelleme

2025-03-28 20:07:33

Source Identifier

cve@mitre.org

KEV Date Added

CWE-352 Wangmarket MEDIUM Wang.market 2025

https://flowus.cn/share/dddbd17e-e459-46c7-b3f9-9c9a90cee804 https://flowus.cn/share/dddbd17e-e459-46c7-b3f9-9c9a90cee804

Medium

CVE-2025-15452

A weakness has been identified in xnx3 wangmarket up to 4.9. This affects the function variableList of the file /admin/s…

Medium

CVE-2025-15451

A security flaw has been discovered in xnx3 wangmarket up to 4.9. Affected by this issue is some unknown functionality o…

Medium

CVE-2025-15416

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of…

Medium

CVE-2025-15415

A vulnerability has been found in xnx3 wangmarket up to 6.4. The impacted element is the function uploadImage of the fil…

High

CVE-2025-25769

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/Use…