CVE-2025-0399 | StarSea99 starsea-mall 1.0 uploadController.java UploadController file unrestricted upload

Posted by Angelo Barbosa | Jan 12, 2025 | CVE

A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects the function UploadController of the file src/main/java/com/siro/mall/controller/common/uploadController.java. The manipulation of the argument file leads to unrestricted upload.

This vulnerability was named CVE-2025-0399. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-0399 | StarSea99 starsea-mall 1.0 uploadController.java UploadController file unrestricted upload

Related Posts

CVE-2023-6745 | Custom Field Template Plugin up to 2.6.1 on WordPress Shortcode cross site scripting

CVE-2024-36264 | Apache Submarine Commons Utils 0.8.0 improper authentication

CVE-2024-45792 | MantisBT up to 2.26.3 POST Request information disclosure

CVE-2024-34529 | Nebari up to 2024.4.1 Keycloak Password information disclosure (Issue 2282)