VYPR
Medium severity4.3NVD Advisory· Published Dec 28, 2025· Updated Apr 29, 2026

CVE-2025-15118

CVE-2025-15118

Description

A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of the file /member/address/update/ of the component Member Endpoint. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Macrozheng/Mall2 versions
    cpe:2.3:a:macrozheng:mall:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:macrozheng:mall:*:*:*:*:*:*:*:*range: <=1.0.3
    • (no CPE)range: <=1.0.3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.