CVE-2025-7939 | jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 GoodsController.java addGoods unrestricted upload

Inserito da Angelo Barbosa | Lug 21, 2025 | CVE

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0. It has been classified as critical. Affected is the function addGoods of the file GoodsController.java. The manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2025-7939. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-7939 | jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 GoodsController.java addGoods unrestricted upload

Post correlati

CVE-2024-25501 | WinMail up to 5.1/7.1 email cross site scripting

CVE-2024-39392 | Adobe InDesign Desktop up to 18.5.2/19.3 heap-based overflow (apsb24-48)

CVE-2024-38809 | Vmware Spring Framework up to 5.3.37/6.0.22/6.1.11 Conditional HTTP Request ETags denial of service

CVE-2024-20119 | MediaTek MT8676 Mms write-what-where condition (MSV-1620 / ALPS09062301)