CNNVD-202509-1769 Information
Sep 12, 2025
cve
CNNVD ID
CNNVD-202509-1769
Related CVE
- CNNVD Published: 2025-09-12
Description (Chinese)
litemall是linlinjava个人开发者的一个小商场系统。 litemall 1.8.0及之前版本存在授权问题漏洞,该漏洞源于对文件/wx/aftersale/cancel中函数WxAftersaleController的参数ID的错误操作,可能导致授权不当。
Description (English)
Itemall is a small mall system for Linlinjava personal developers. Litemal 1.8.0 and previous versions contain a bug in the delegation of authority resulting from an error in the id of the parameter WxAffersaleController in document/wx/affersale/cancel.
Hazard Level
High
Vulnerability Type
授权问题
Affected Vendor
个人开发者
Published
2025-09-12
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.323717 https://vuldb.com/?id.323717 https://vuldb.com/?submit.643390 https://www.cnblogs.com/aibot/p/19063376 https://access.redhat.com/security/cve/cve-2025-10291
Share on: