📦 Mall Swarm

This vulnerability in macrozheng mall-swarm allows unauthorized deletion of user read history records through improper authorization in the delete function. Attackers can remotely exploit this to dele...

This vulnerability allows attackers to cancel orders without proper authorization in macrozheng mall-swarm and mall applications. Attackers can exploit this remotely by manipulating the orderId parame...

This vulnerability in macrozheng mall-swarm and mall allows attackers to bypass authorization by manipulating the orderID parameter in the paySuccess function. Remote attackers can exploit this to acc...

This vulnerability in macrozheng mall-swarm allows attackers to bypass authorization controls when manipulating the updateAttr function in the cart update endpoint. Attackers can exploit this remotely...

This vulnerability allows unauthorized access to order details in macrozheng mall-swarm and mall applications. Attackers can manipulate the orderId parameter to view orders they shouldn't have access ...

This vulnerability allows improper authorization in macrozheng mall-swarm and mall applications up to version 1.0.3. Attackers can manipulate the orderId parameter in the cancelUserOrder function to p...