CVE-2025-4118 | Weitong Mall 1.0.0 Product History /historyList isDelete access control

Inserito da Angelo Barbosa | Apr 30, 2025 | CVE

A vulnerability classified as critical has been found in Weitong Mall 1.0.0. This affects an unknown part of the file /historyList of the component Product History Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls.

This vulnerability is uniquely identified as CVE-2025-4118. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-4118 | Weitong Mall 1.0.0 Product History /historyList isDelete access control

Post correlati

CVE-2024-32549 | Microkid Related Posts for WordPress Plugin up to 4.0.3 on WordPress cross-site request forgery

CVE-2024-2661 | Barcode Scanner with Inventory & Order Manager Plugin sql injection

CVE-2024-41086 | Linux Kernel up to 6.9.7 bcachefs bch2_sb_downgrade_validate (bf920ed92ef2/692aa7a54b2b)

CVE-2024-31859 | Mattermost up to 8.1.12/9.5.3/9.6.1 Playbook access control