CNNVD-202506-3344 Information

CNNVD ID

CNNVD-202506-3344

Related CVE

CVE-2025-6702

• CNNVD Published: 2025-06-26

Description (Chinese)

litemall是linlinjava个人开发者的一个小商场系统。 litemall 1.8.0版本存在安全漏洞，该漏洞源于对文件/wx/comment/post中参数adminComment的错误操作导致授权不当。

Description (English)

Itemall is a small mall system for Linlinjava personal developers. There is a security loophole in version 1.8.0 of the forumall, which stems from an error in the performance of the parameter adminComment in the document/wx/comment/post, resulting in an improper authorization.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-06-26

Last Modified

2026-02-24

References

https://ctf-n0el4kls.notion.site/Litemall-Mass-Assignment-Vulnerability-in-wx-comment-post-21441990f447808b86d1cb15e37ecae9?source=copy_link https://vuldb.com/?ctiid.313968 https://vuldb.com/?id.313968 https://vuldb.com/?submit.597473