A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file AdminGoodscontroller.java. The manipulation of the argument goodsId/goodsSn/name leads to sql injection.
This vulnerability is known as CVE-2024-6452. The attack can be launched remotely. Furthermore, there is an exploit available.