CNNVD-202602-2098 Information

CNNVD ID

CNNVD-202602-2098

Related CVE

CVE-2026-26218

• CNNVD Published: 2026-02-12

Description (Chinese)

newbee-mall是newbee开源的一套电子商务系统。 newbee-mall存在信任管理问题漏洞，该漏洞源于数据库初始化脚本中包含具有可预测默认密码的预置管理员账户，可能导致未经身份验证的攻击者以管理员身份登录并获得完全管理控制权。

Description (English)

Newbee-mall is an open-source e-commerce system for newbees. Newbee-mall had a trust management gap, which stemmed from the pre-set administrator account in the initialization script of the database, which contained a predictable default password, which could lead to unidentified assailants entering as administrators and gaining full managerial control.

Hazard Level

Low

Vulnerability Type

信任管理问题

Affected Vendor

newbee

Published

2026-02-12

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/newbee-mall-default-seeded-administrator-credentials-allow-account-takeover https://github.com/newbee-ltd/newbee-mall/issues/119 https://access.redhat.com/security/cve/cve-2026-26218