📦 Tmall Demo

by Project Team

🔍 What is Tmall Demo?

Description coming soon...

🛡️ Security Overview


⚠️ Known Vulnerabilities

CVE-2024-40554

HIGH CVSS 7.5 Jul 15, 2024

An access control vulnerability in Tmall_demo v2024.07.03 allows attackers to bypass authentication mechanisms and access sensitive information. This affects all systems running the vulnerable version...

CVE-2024-40560

HIGH CVSS 7.3 Jul 15, 2024

This SQL injection vulnerability in Tmall_demo allows attackers to execute arbitrary SQL commands through user input. It affects all systems running Tmall_demo versions before v2024.07.03. Attackers c...

CVE-2025-5132

MEDIUM CVSS 4.3 May 24, 2025

This CSRF vulnerability in Tmall Demo allows attackers to trick authenticated administrators into performing unintended logout actions via malicious requests. It affects all versions up to 20250505 wh...

CVE-2025-5130

MEDIUM CVSS 4.7 May 24, 2025

This critical vulnerability in Tmall Demo allows remote attackers to upload arbitrary files without restrictions via the uploadProductImage function. This affects all versions up to May 5, 2025. Attac...

CVE-2025-1843

MEDIUM CVSS 6.3 Mar 3, 2025

This critical SQL injection vulnerability in Mini-Tmall allows remote attackers to execute arbitrary SQL commands by manipulating the 'orderBy' parameter in the ProductMapper.java file. This can lead ...

CVE-2024-40553

MEDIUM CVSS 4.9 Jul 15, 2024

Tmall_demo v2024.07.03 contains an unrestricted file upload vulnerability in the uploadUserHeadImage component, allowing attackers to upload malicious files to the server. This affects all users runni...