📦 Newbee Mall

CVE-2026-26218 allows unauthenticated attackers to gain administrative control of newbee-mall applications by using predictable default passwords on pre-seeded administrator accounts. This affects dep...

CVE-2022-27477 is an arbitrary file upload vulnerability in Newbee-Mall v1.0.0 that allows authenticated attackers to upload malicious files via the admin goods edit interface. This affects all deploy...

CVE-2020-23448 is an authentication bypass vulnerability in newbee-mall e-commerce platform that allows remote attackers to gain administrative privileges without valid credentials. The vulnerability ...

CVE-2024-48178 is a Server-Side Request Forgery (SSRF) vulnerability in newbee-mall v1.0.0 that allows attackers to make the server send unauthorized requests to internal or external systems via the g...

This vulnerability in newbee-mall's order status handler allows attackers to manipulate order numbers to bypass authorization checks. Remote attackers can potentially access or modify order informatio...