VYPR

Newbee Mall Plus

by Newbee Ltd

Source repositories

CVEs (2)

  • CVE-2025-15360MedDec 30, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted…

  • CVE-2025-12854LowNov 7, 2025
    risk 0.24cvss 3.7epss 0.00

    A vulnerability was identified in newbee-mall-plus up to 2.4.1. This vulnerability affects the function executeSeckill of the file /seckillExecution/. The manipulation of the argument userid leads to authorization bypass. It is possible to initiate the attack remotely. The…