CNNVD-202507-2823 Information

CNNVD ID

CNNVD-202507-2823

Related CVE

CVE-2025-7939

• CNNVD Published: 2025-07-21

Description (Chinese)

JPACookieShop是Jerryshensjf个人开发者的一款蛋糕商城平台软件。 JPACookieShop 1.0版本存在代码问题漏洞，该漏洞源于对文件GoodsController.java中函数addGoods的错误操作导致无限制上传。

Description (English)

JPACookieShop is a cake mall platform for Jerryshensjf’s personal developer. JPACookieShop 1.0 has a code problem loophole, which results from an unlimited upload due to an error in the function addGoods in the file GoodsController.java.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2025-07-21

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.317076 https://vuldb.com/?id.317076 https://vuldb.com/?submit.618986 https://github.com/Bemcliu/cve-reports/blob/main/cve-03-%E8%9B%8B%E7%B3%95%E5%95%86%E5%9F%8EJPA%E7%89%88-Arbitrary%20File%20Upload/readme.md