Newbee Mall
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:newbee-mall:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Newbee Mall (927fa7c0-2136-54a8-aa3b-b0ccd8d35a7a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-4259 |
vulnerable | 2026-06-08 07:29:15.938206 |
newbee-mall UploadController.java upload unrestricted upload
MEDIUM (6.3)
A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the function Upload of the file ltd/newbee/mall/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
Published: 2025-05-05T02:00:05.736Z
Updated: 2025-05-05T13:54:10.160Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1114 |
vulnerable | 2026-06-08 07:06:36.949258 |
newbee-mall Add Category Page save cross site scripting
LOW (3.5)
A vulnerability classified as problematic has been found in newbee-mall 1.0. Affected is the function save of the file /admin/categories/save of the component Add Category Page. The manipulation of the argument categoryName leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
Published: 2025-02-07T22:31:04.425Z
Updated: 2025-02-10T17:16:22.122Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-10423 |
vulnerable | 2026-06-08 07:02:26.842084 |
newbee-mall kaptcha mallKaptcha Captcha
LOW (3.7)
A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file /common/mall/kaptcha. The manipulation results in guessable captcha. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been made public and could be used.
Published: 2025-09-15T03:02:05.834Z
Updated: 2025-09-15T17:10:21.301Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-10422 |
vulnerable | 2026-06-08 07:02:26.840378 |
newbee-mall Order Status paySuccess improper authorization
MEDIUM (4.3)
A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.
Published: 2025-09-15T02:32:06.166Z
Updated: 2025-09-15T17:15:08.732Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.