CVE-2025-7938 | jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 GoodsController.java updateGoods authorization

Inserito da Angelo Barbosa | Lug 21, 2025 | CVE

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical. This issue affects the function updateGoods of the file GoodsController.java. The manipulation leads to authorization bypass.

The identification of this vulnerability is CVE-2025-7938. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-7938 | jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 GoodsController.java updateGoods authorization

Post correlati

CVE-2024-36883 | Linux Kernel up to 6.8.9 ops_init out-of-bounds

CVE-2024-51719 | Kevin Walker & Roman Peterhans Simplistic SEO Plugin up to 2.3.0 on WordPress cross site scripting

CVE-2024-3668 | PowerPack Pro for Elementor Plugin up to 2.10.17 on WordPress improper authentication

CVE-2024-12165 | Mollie for Contact Form 7 Plugin up to 5.0.0 on WordPress cross site scripting