CNNVD-202601-953 Information

CNNVD ID

CNNVD-202601-953

Related CVE

CVE-2025-15448

• CNNVD Published: 2026-01-05

Description (Chinese)

mall是macro个人开发者的一套电商系统，包括前台商城系统及后台管理系统。 mall 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0及之前版本存在代码问题漏洞，该漏洞源于对文件src/main/java/com/macro/mall/controller/MinioController.java中函数Upload的错误操作，可能导致不受限制的上传。

Description (English)

Mall is a set of electrician systems for Macro’s personal developers, including the front and back office management systems. There is a code problem loophole in 994f1e2b019378ec944cdfdf3fce2d2d5b5f72d28f0, and earlier versions, which stems from an error in the Upload function in document src/main/java/com/macro/mall/controller/MinioController.java, which may lead to unrestricted uploading.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2026-01-05

Last Modified

2026-02-24

References

https://github.com/zyhzheng500-maker/cve/blob/main/javamall%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0.md https://vuldb.com/?ctiid.339481 https://vuldb.com/?id.339481 https://vuldb.com/?submit.721997 https://access.redhat.com/security/cve/cve-2025-15448