CVE-2025-4259 | newbee-mall 1.0 UploadController.java upload File unrestricted upload

A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the function Upload of the file ltd/newbee/mall/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload.

This vulnerability is known as CVE-2025-4259. The attack can be launched remotely. Furthermore, there is an exploit available.

This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

CVE-2025-4259 | newbee-mall 1.0 UploadController.java upload File unrestricted upload

Post correlati

CVE-2024-53696 | QNAP Systems QuLog Center/QTS/QuTS hero server-side request forgery (qsa-24-53)

CVE-2023-52950 | Synology Active Backup for Business Agent prior 2.7.0-3221 Login missing encryption (SA_24_11)

CVE-2023-47889 | com.bdrm.superreboot up to 1.0.3 on Android unknown vulnerability

CVE-2024-47833 | Avaiga taipy up to 3.x cookie httponly flag (GHSA-r3jq-4r5c-j9hp)