📦 Mall Tiny

This vulnerability in macrozheng mall-tiny 1.0.1 allows attackers to maintain access to user accounts even after logout due to improper token invalidation. The logout function fails to properly invali...

CVE-2024-57434 is an incorrect access control vulnerability in macrozheng mall-tiny 1.0.1 where default imported test users are granted super administrator privileges. This allows attackers to gain ad...

This vulnerability allows attackers to forge JWT tokens for any user in macrozheng mall-tiny 1.0.1, enabling complete authentication bypass. Attackers can impersonate any user, including administrator...

This vulnerability in macrozheng mall-tiny 1.0.1 allows attackers to cause denial-of-service by sending null data through the resource creation interface, triggering a null pointer dereference that cr...