CVE-2025-4119 | Weitong Mall 1.0.0 Product Statistics /queryTotal isDelete access control

Inserito da Angelo Barbosa | Apr 30, 2025 | CVE

A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls.

This vulnerability was named CVE-2025-4119. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4119 | Weitong Mall 1.0.0 Product Statistics /queryTotal isDelete access control

Post correlati

CVE-2021-34957 | Foxit PDF Editor 11.0.0.49893 Highlight Annotation use after free (ZDI-21-1188)

CVE-2024-13099 | Widget4Call Plugin up to 1.0.7 on WordPress cross site scripting

CVE-2025-23989 | Alessandro Piconi SabLab Internal Link Builder Plugin up to 1.0 on WordPress cross-site request forgery

CVE-2024-1610 | OPPO Store App 4.32.1 input validation