VYPR

starsea-mall

by StarSea99

CVEs (7)

  • CVE-2025-2089MedMar 7, 2025
    risk 0.35cvss 5.4epss 0.00

    A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the…

  • CVE-2025-0399MedJan 12, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects the function UploadController of the file src/main/java/com/siro/mall/controller/common/uploadController.java. The manipulation of the argument file leads to…

  • CVE-2025-2087LowMar 7, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/goods/update. The manipulation of the argument goodsName leads to cross site scripting. The attack may be initiated…

  • CVE-2025-2086LowMar 7, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability classified as problematic was found in StarSea99 starsea-mall 1.0. This vulnerability affects unknown code of the file /admin/indexConfigs/update. The manipulation of the argument redirectUrl leads to cross site scripting. The attack can be initiated remotely.…

  • CVE-2025-2085LowMar 7, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This affects an unknown part of the file /admin/carousels/save. The manipulation of the argument redirectUrl leads to cross site scripting. It is possible to initiate the attack remotely. The…

  • CVE-2025-2352LowMar 16, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/indexConfigs/save of the component Backend. The manipulation of the argument categoryName leads to cross site…

  • CVE-2025-0400LowJan 12, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in StarSea99 starsea-mall 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/categories/update. The manipulation of the argument categoryName leads to cross site scripting. The attack may be initiated…