📦 Litemall
by Linlinjava
🛡️ Security Overview
⚠️ Known Vulnerabilities
A SQL injection vulnerability in litemall 1.8.0 allows remote attackers to execute arbitrary SQL commands through the goodsId, goodsSn, and name parameters in AdminGoodsController.java. This can lead ...
This SQL injection vulnerability in litemall v1.8.0 allows remote attackers to execute arbitrary SQL commands through the AdminOrderController component. Attackers can potentially access, modify, or d...
This vulnerability in linlinjava litemall up to version 1.8.0 allows remote attackers to bypass authorization controls via manipulation of the ID parameter in the WxAftersaleController function. Attac...
A business logic vulnerability in linlinjava litemall up to version 1.8.0 allows remote attackers to manipulate the 'litemall_express_freight_min' parameter in the /admin/config/express endpoint, caus...
This critical vulnerability in linlinjava litemall allows remote attackers to upload arbitrary files without restrictions via the /wx/storage/upload endpoint. Attackers can exploit this to upload mali...
This critical vulnerability in litemall allows attackers to perform path traversal attacks via the delete function in the file handler component. Remote attackers can manipulate the 'key' parameter to...
This is a mass assignment vulnerability in Litemall 1.8.0 that allows unauthorized manipulation of adminComment parameters. Attackers can exploit this remotely to potentially modify comment data with ...