CVE-2025-8991 | linlinjava litemall up to 1.8.0 Business Logic /admin/config/express litemall_express_freight_min logic error (Issue 566)

Inserito da Angelo Barbosa | Ago 13, 2025 | CVE

A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemall_express_freight_min leads to business logic errors.

This vulnerability is known as CVE-2025-8991. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-8991 | linlinjava litemall up to 1.8.0 Business Logic /admin/config/express litemall_express_freight_min logic error (Issue 566)

Post correlati

CVE-2024-7847 | Rockwell Automation RSLogix 5 Project File data authenticity

CVE-2024-56317 | Matter up to 1.4.0.0 access-control-server.cpp WriteAcl permissions (Issue 36535)

CVE-2024-34069 | pallets werkzeug up to 3.0.2 cross-site request forgery (GHSA-2g68-c3qc-8985)

CVE-2023-28875 | Afian Filerun 20220202 Share Link cross site scripting