CVE-2025-4259 | newbee-mall 1.0 UploadController.java upload File unrestricted upload

A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the function Upload of the file ltd/newbee/mall/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload.

This vulnerability is known as CVE-2025-4259. The attack can be launched remotely. Furthermore, there is an exploit available.

This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

CVE-2025-4259 | newbee-mall 1.0 UploadController.java upload File unrestricted upload

Post correlati

CVE-2023-51746 | Siemens JT2Go/Teamcenter Visualization CGM File stack-based overflow (ssa-794653)

CVE-2024-57630 | MonetDB Server 11.49.1 SQL exps_card denial of service (Issue 7439)

CVE-2024-1410 | Cloudflare quiche up to 0.19.1/0.20.0 resource consumption (GHSA-xhg9-xwch-vr7x)

CVE-2024-36340 | AMD μProf up to 4.x insecure operation on windows junction / mount point